EndGame CEO: Root Out Hackers Before They Strike

The CEO of Endgame, Inc. is calling for an "offensive mindset" to defend enterprises from hackers. An anonymous reader quotes Nate Fick's article on Quartz: Rather than relying on imperfect prevention techniques, or waiting for a breach to happen and then reacting to it, defenders need to 'turn the map around' and hunt proactively for the attackers in order to root out adversaries before they have a chance to do real damage. This is the next frontier of cybersecurity... the vast majority of cybersecurity spending is still going to prevention and perimeter security. Prevention is necessary, but it's not sufficient and it certainly doesn't justify 90 cents of every security dollar...

The government has already figured this out. Across the Department of Defense, the intelligence community, and other forward-leaning agencies, this proactive hunting is already happening, and it's becoming more widespread. Enterprises need to embrace the same mindset.
Fick points out that despite $75 billion on enterprise-level security spending, more than three-quarters of Fortune 500 companies have been breached within the last year.

TFA is a bit vauge

[l0n3s0m3phr34k]

But the companies' (Endgame) blog pages has some actual concrete info. Reading over the site, much of what he talks about is already implemented, or at least there is software out there that companies can get (much of it open source). To quote his page Hunting on hosts:" running processes, active network connections, listening ports, artifacts in the file system, user logs, autoruns", using Yari, etc. BUT, at least this page isn't just "buy my product" but does give some tutorials / examples of how to use various free utilities (like Sysinternals, Yari with Powershell, Elasticsearch) and he even includes CLI examples. I'm bookmarking this and will read over it later when it's not 04:32 and I should be asleep instead of posting on Slashdot LOL.