Applied Threat
Research Team

ATR

A world-class team giving bad guys a bad day

The Gigamon Applied Threat Research (ATR) team has a mission to create leading-edge detection, investigation and response capabilities to support the Gigamon Insight solution through world-class threat research.


Our experts leverage Insight to continually research and understand the emerging capabilities, tactics and motivations of today’s threat actors. In addition, the research team disrupts threats by developing and curating detection capabilities for Gigamon Detect that enable you to identify known threat indicators and generic adversary behavior.

research prototype detect
PRESENTATIONS & WEBINARS

Network Forensic Analysis in an Encrypted World

Learn about the research and methodologies for performing network forensic analysis of encrypted communications streams from ICEBRG Co-founder, William Peteroy and Principal Security Engineer, Justin Warner.

NEWS AND REPORTS
research

ARS Technica

Stymied by browsers, attackers embed Flash 0-day inside MS Office document

As browsers make it increasingly hard to exploit vulnerabilities in Adobe Flash, hackers move to using Microsoft Office to remotely load Flash content that used a zero-day flaw to take control of computers.

research

Dark Reading

Four malicious Google Chrome extensions affect 500K users

Threat actors know employees usually trust, and have control over, downloading extensions. Using this, they can execute code via seemingly legitimate applications to gain a foothold.

research

ZDNet

Carbanak hackers pivot plan of attack to target banks, the enterprise

FIN7, a group behind the theft of billions worldwide have changed their plan of attack in targeting businesses. Their change of payload may cause detection issues for legacy signatures and detections.

BLOG & EVENTS

Applied Threat Research Blog

ADOBE FLASH ZERO-DAY LEVERAGED FOR TARGETED ATTACK IN MIDDLE EAST

The Gigamon ATR team (formerly ICEBRG’s Security Research Team) has identified active exploitation of a zero-day vulnerability in Adobe Flash that appears to target persons and organizations in the Middle East.

MORE EXTENSIONS, MORE MONEY, MORE PROBLEMS

In January, ICEBRG (acquired by Gigamon) disclosed the presence of malicious Google Chrome extensions that were impacting over a half-million endpoints worldwide, enabling a massive click-fraud campaign and exposing significant risk to enterprises.

MALICIOUS CHROME EXTENSIONS ENABLE CRIMINALS TO IMPACT OVER HALF A MILLION USERS AND GLOBAL BUSINESSES

Most leading web browsers, including Google Chrome, offer users the ability to install extensions. While these web-based applications can enhance the user's overall experience, they also pose a threat to workstation security with the ability to inject and execute arbitrary code.

MEET THE TEAM

Connect with Other Security Experts

Join the conversation in the Gigamon Community Security group.

Gigamon Community