Cloud access credentials for AWS cloud accounts hardcoded and placed within
containers make it all too easy for hackers to gain entry. We’ve all seen
it in the news - businesses are falling victim to their AWS cloud assets
being used to mine crypto currency. The benefit of cloud is agility, how …
READ MORE
The main lessons from attacks against Internet of Things (IoT) devices are to
change default usernames and passwords, use longer passphrases to avoid brute
force attacks, and make sure devices have enough memory for firmware and
kernel updates to remove vulnerabilities or service backdoors, plus …
READ MORE
Deception has been used for centuries to divert attacker attention and
protect vital assets. In the Art of War, Sun Tzu said: “All warfare is
based on deception. Hence, when we are able to attack, we must seem unable;
when using our forces, we must appear inactive; when we are near, we must
ma …
READ MORE
Originally published in Information Magazine on March 26, 2018.
Machine automation provides leverage to attackers to scale out attacks beyond
human capacity. However, machine analysis has its limits on the types of data
it can assess compared to human capabilities. Recently Fidelis
Cybersecurity …
READ MORE
I recently sat down with a SOC analyst from a large e-commerce vendor who
showed me his daily workflow. He walked through how he had different data
sources pumping into his SIEM, which spit out lots of alerts. Then he walked
through a few examples, starting with the alert from the SIEM and then
…
READ MORE
The goal of cyber deception is to more effectively detect attacks that have
infiltrated an organization’s network, to confuse and misdirect the
attacker, and to understand what assets have been compromised. Remember,
deception defenses can leverage the attackers’ knowledge gap while they try …
READ MORE
A SOC Under Siege: Alert Overload and Cyber Skills Shortage
One of the key issues in cybersecurity today is the skills shortage – there
simply are not enough cybersecurity professionals to go around in the
everyday battle against cybercriminals, nation-states and hacktivists.
According to the …
READ MORE
As we saw in ourprevious blogpost, creating a knowledge gap for your
attackers allows you to divert them and slow them down in their quest for
information. At the same time, knowing what attackers desire creates the
opportunity for an active, intelligent defense to lure, detect, and defend.
This …
READ MORE
Capture the flag exercises show how quickly attackers can learn a new network
environment to reduce their noise levels and evade detection. This puts
pressure on detection defenses in the first few hours or days when attackers
are likely to be noisier. This concept is known as the ‘knowledge ga …
READ MORE