Does anyone employ active threat countermeasures at your company and if so what do you use?

28.8k views6 Upvotes24 Comments

Director of IT in Manufacturing, 51 - 200 employees
Currently we employ the Velo from Windstream for our inter connectivity from office to office. We have Cyren and the cloud monitoring our traveling and off premise employees, we have Cylance as a AV engine as well as the Global install of McAfee which does little for us.  We also have Cisco Firewalls in place both in data centers as well as between internal levels of the network.  We have a SIEM system running and monitoring for windows file changes, and we have other software which assists us in our efforts. 
Senior Director in Finance (non-banking), 10,001+ employees
We are in the process of re-evaluating appropriate counter measures. If you are considering making changes, would recommend looking at Splunk and IBM products to begin with.
VP of Global IT and Cybersecurity in Manufacturing, 501 - 1,000 employees
Would also recommend splunk, sumologic.

Chief Security Officer in Software, 10,001+ employees
Thanks. We use Splunk and other security tools, but those aren’t active countermeasures. Active counter measures change and respond based on the attack, such as software defined network technologies that become tar pits for attackers by slowing down protocols or network devices/services that launch pre-canned responses to attacks (such as an attack itself).
in Finance (non-banking), 501 - 1,000 employees
Hello Lee, we are doing both Systems and physical security, I am trying to find an application to watch out team behavior throw our network and action taken.On the other hand we are trying to follow up for normal procedure and stick to it as bio-metric devices every where with 2 factors authentication with face detection , mandatory vacation and this help you.Thanks Ihab
Director of Technology/CTO in Education, 1,001 - 5,000 employees
We may or may not - being an appropriately paranoid IT security leader, is this thread an attempt to identify easy targets? All joking aside, we use LogRhythm and other tools to maintain our security environment, along with end user training to prevent malware proliferation through phishing.
CFO in Finance (non-banking), 2 - 10 employees
No active measures as our diminutive size was a bit cost prohibitive; we did look at Splunk though and had a very favorable impression.
in Software, 10,001+ employees
darktrace. It is a UK company that worked to develop the technology with MI6. Quite interesting technology. They have offices in the US.
3 1 Reply
Chief Security Officer in Software, 10,001+ employees

I’m less than impressed with DarkTrace, but glad it is working for you.

in Software, 10,001+ employees
CEO in Services (non-Government), 2 - 10 employees
The short answer is that we do employ threat countermeasures at my previous company and even in my current one. But here is more details. Security is like a grading system in schools and colleges. You have to get a good grade on your basic subjects and then you can use the extra credit points to make it even better. One cannot get a bad grade on the basic subjects and use extra credits to get an overall good grade. In security world, the basics you can do for security are absolutely critical. Look at the security compromises at Home Depot, Bank of America and all the other major compromises. You will find basics like Phishing education, security patching, application security, DoS protection, partitioned permission access, no-password hardcoding in applications etc. were the cause. You can have the best threat countermeasure but if an employee clicks on the email that says “I can make you a millionaire … click here” everything else is useless. Here is the bad news – even if one employee clicks on it and all 99.999% do not then also every other security stunt may be useless. So my advice to you is to ask the questions1. What are the top 10-15 basics we need to be good at2. Is your company covered on all the basics3. Do you need to do more than the basics4. Then and only then look for every other solution in the industry Let me leave you with the bear story. When running away from a bear – you do not have to run faster than the bear. You have to run faster than a couple of other people.

Content you might like


No, but we expect to be hit in the future.48%

No, and we don't expect to be hit by ransomware in the future.24%


2.2k views1 Upvote2 Comments

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
47k views133 Upvotes324 Comments


Yes, but third & Nth parties are still a concern39%



Don't know1%