Recorded: 10/12/2011 CERIAS Security Seminar at Purdue University Enterprise-Wide Intrusions Involving Advanced Threats Dan McWhorter and Steve Surdu, Mandiant Corporation Since early 2010 Google, Sony, Epsilon CitiBank, International Monetary Fund, RSA, various law enforcement agencies and many other organizations have been compromised by different attack groups. These groups include hacktivist organizations like Anonymous, Eastern European organized crime and state-sponsored teams referred to as the Advanced Persistent Threat.Mandiant will draw upon investigations it has conducted over the last eighteen months to:Illustrate major differences among the attack groupsDescribe the tactics attackers use to breach their victimsOutline the investigative approaches required to contain active attack groupsDetail remediation techniques that are most successful at removing attackers from the networks.The information covered will not be theoretical. All the material will anonymously reference actual cases Mandiant has conducted � some of which have not received media attention to date. Dan McWhorter is responsible for Mandiant's Professional Education services. Mr. McWhorter has been a part of the Mandiant team for over five years. Over that time he has contributed to dozens of initiatives. He has led and managed incident response investigations, developed and delivered course curriculum, and helped design and implement an automated methodology for evaluating software ...