{"id":7440,"date":"2014-11-20T16:00:10","date_gmt":"2014-11-21T00:00:10","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=7440"},"modified":"2016-12-09T11:13:51","modified_gmt":"2016-12-09T19:13:51","slug":"2015-predictions-threat-prevention","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2014\/11\/2015-predictions-threat-prevention\/","title":{"rendered":"2015 Predictions: Threat Prevention"},"content":{"rendered":"

As 2014 comes to a close, our subject matter experts check in on what they see as major topics and trends for the new year. (You can read all of our 2015 predictions content here<\/a>.)\u00a0<\/em><\/p>\n

\"2015<\/span><\/div><\/p>\n

I know this is a clich\u00e9 statement, but this year has flown by at the speed of light. I love looking to the future and I can\u2019t wait to see how next year will shape up. Looking back on a few key trends in threat prevention for 2014, I can provide some insight into what awaits us in 2015. Here are three trends that stuck out as important indicators of what\u2019s to come in the next year.<\/p>\n

1. Attackers will use more legitimate and convoluted means to launch widespread attacks.<\/strong><\/p>\n

You\u2019ve likely seen the word \u201cmalvertising\u201d tossed around. This attack method has been around for a few years, and Yahoo! and AOL were both targets in September and October of this year, earning attackers thousands of dollars per day.<\/p>\n

But the use of malvertising as an attack method is a shift from the kind of dark-corner trickery seen in spear phishing and packet sniffing to a technique that leverages a legitimate business process to do all the hard work normally involved in delivering malware. The process gives the attacker access to potentially millions of users with minimal effort. All the attacker has to do is design the malvertisement code.<\/p>\n

We\u2019ll be seeing a lot more of these types of malware delivery methods. Not just malvertising campaigns, but also the use of bona fide business procedures to deliver malware and amplify results. Widely-used business channels with little to no security are tempting targets for attackers; they provide a constant stream of unsuspecting targets and feature lots of moving parts that make it impossible to track down the attackers. It will require careful coordination to make these channels more secure.<\/p>\n

2. Application security is getting better all the time. However, we will continue to see a steady stream of zero-days, mostly related to legacy code.<\/strong><\/p>\n

Secure coding practices have become a part of the software developer\u2019s everyday life. In the past few years, we\u2019ve seen more application security and development teams turn to static and dynamic analysis to catch code and business logic vulnerabilities and fix them before the application is released or updates are pushed.<\/p>\n

Customers are starting to build time-to-fix clauses with monetary penalties into their contracts with vendors. If anything is clear in the B2B universe, it\u2019s that vulnerabilities affect application integrity, which affects customer trust, which affects revenue. It\u2019s easier and much cheaper to fix vulnerabilities during the early development cycle than once an application has reached production or even QA.<\/p>\n

However, this also means that legacy code is much more expensive to fix, even if a vulnerability has not yet been exploited in the wild. Along with the fact that black hat hackers are continuing to get more creative, this is the reason why the number of CVEs in 2015 will remain at least equal to if not greater than the number reported in 2014.<\/p>\n

\"CVE<\/span><\/div><\/p>\n

*CVE information for years 2010 through 2013 taken from Secunia <http:\/\/secunia.com\/vulnerability-review\/vulnerability_update_all.html<\/a>><\/p>\n

*CVE information for 2014 taken from <https:\/\/cve.mitre.org\/><\/p>\n

3. IPS functionality and firewall functionality will meld more than it already has.<\/strong><\/p>\n

As the enterprise market sees the benefits of a true platform-based approach to security, I suspect we\u2019ll see more vendors phasing out stand-alone and UTM security solutions.\u00a0What better way to truly bolster the way IPS handles security than by including other defensive techniques like decryption, decompression, application-ID, user-ID, data-loss prevention, and sandboxing?<\/p>\n

The market\u2019s move from traditional IPS to Next-Generation IPS to NGFW + NGIPS already started, but there\u2019s more innovating to be done to supply security that keeps up with what the bad guys are doing. There\u2019ll be more appeal than ever for a single, integrated platform that \u201cdoes it all,\u201d doesn\u2019t require users to take a performance hit, and can be used anywhere from data centers to the cloud.<\/p>\n

So, who else is excited for 2015?<\/p>\n

 <\/p>\n

Threat prevention is among many focus topics at Ignite 2015<\/a>, where you will tackle your toughest security challenges, get your hands dirty in one of our workshops, and expand your threat IQ. Register now<\/a> to join us March 30-April 1, 2015 in Las Vegas -- the best security conference you'll attend all year.<\/em><\/p>\n

\"PAN_IC15_web_logo\"<\/span><\/div><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

As 2014 comes to a close, our subject matter experts check in on what they see as major topics and trends for the new year. (You can read all of our 2015 …<\/p>\n","protected":false},"author":40,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[229,108],"tags":[925,924,52,923],"coauthors":[716],"class_list":["post-7440","post","type-post","status-publish","format-standard","hentry","category-predictions","category-threat-prevention-2","tag-2015-predictions","tag-cves","tag-ips","tag-malvertising"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/7440","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=7440"}],"version-history":[{"count":7,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/7440\/revisions"}],"predecessor-version":[{"id":7449,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/7440\/revisions\/7449"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=7440"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=7440"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=7440"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=7440"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}