What is a HEAT attack? To get the answer to that, Enterprise Times talked with Mark Guntrip, Senior Director of Cybersecurity Strategy at Menlo Security. Guntrip started by saying, “HEAT, because everyone in the security industry was always one acronym short of a full set. So we’re delivering that for them. Everyone’s got their bingo card done now. HEAT stands for Highly Evasive, Adaptive Threats. That’s a mouthful, which is why we put it down to HEAT.”
While some attacks are blatant, evasive and adaptive techniques seem to be commonplace. Polymorphic attacks, for example, have been around for a long time. We asked Guntrip why these new attacks are different from what we've had before.
Guntrip replied: “There’s elements of HEAT attacks that have existed forever. There’s ways to get around antivirus. Pretty easy. What did we do as an industry? We added another layer, like reputation. How do I get past reputation? Well, there’s ways we can do that.”
When Guntrip talked about getting past reputation, it became clearer what he meant by HEAT: the creation and maintenance of websites to build a reputation before burning them in an attack, and the increased risk of website takeover, turning good sites into bad. It raises the question of how you protect against this.
An attack vector that Guntrip believes we need to pay more attention to is HTML smuggling. What is that? How do we deal with it? Listen to the podcast and find out.
Where can I get it?
You can listen to the podcast by clicking on the player below. Alternatively, click on any of the podcast services below and go to the Enterprise Times podcast page.