In a recent blog entry, I referred to the impending release by Stonesoft of a white paper that would shed more light on the topic of Advanced Evasion Techniques (AETs). Stonesoft recently released this white paper, which I co-authored. The paper, published on Stonesoft’s antievasion.com website, is entitled “New Methods and Combinatorics for Bypassing Intrusion Prevention Technologies.”
In the paper, Stonesoft sheds light on why evasions are possible in the first place and explains why protection devices have such difficulty handling both today’s AETs and known evasions that have been around for years. Readers expecting Stonesoft to unveil the technical details of AETs are going to be disappointed. But keep in mind that Stonesoft has repeatedly said that while CERT-FI continues coordinating remediation efforts, it is not yet going to spill the proverbial beans. And while that may disappoint and frustrate some security industry observers and insiders, Stonesoft is doing the right thing by being responsible. The white paper, even without the nitty-gritty technical details, is a pretty good read and makes a number of interesting points. So, check it out!
Separately, note that on November 29, while most of us in the U.S. were digesting all that turkey from Thanksgiving, Gartner published an event note paper on AETs called “Advanced Evasion Techniques: Weapon of Mass Destruction or Absolute Dud.” Gartner clients registered on its website will find the paper here.