What are Advanced Evasion Techniques? Don't expect CIOs to know, says McAfee

[InfoSec News <alerts () infosecnews org>]

http://news.techworld.com/security/3509357/what-are-advanced-evasion-techniques-dont-expect-cios-know-finds-mcafee/

By John E Dunn
Techworld
31 March 2014

What is an Advanced Evasion Technique (AET)?  According to a McAfee 
survey, an awful lot of CIOs have absolutely no idea, confusing them with 
the more famous Advanced Persistent Threats (APTs) that have become an 
established term on many large organisations' worry list.

The survey of 800 professionals across the US, UK, Germany, France, 
Australia, Brazil, and South Africa found that only 70 percent were even 
sure they understood AETs, with 37 percent of those getting the definition 
wrong. This means that less than half of CIOs can define the term at all.

In fairness to CIOs, nobody has heard of AETs because they are, whisper 
it, pretty dull. They can be explained as subtle techniques designed to 
get around security boxes such as firewalls, Intrusion Detection Systems 
(IDS) and Intrusion Prevention Systems (IPS). Think of them as 
packet-level probes that aim to spot weakness in these products such as 
traffic flows they don’t understand, get confused about or just don’t 
notice.

[...]

--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/