June 7, 2022
What’s the attack surface of our Information Technology? Which are the exploitable digital assets? Are we even aware of all the doors and windows a cyber-burglar could leverage to enter our shop?
Enough with the questions!
We simply don’t have all the answers.
We have a partial picture of our rather ambiguous attack surface, as it continues to change as the tech stack and services evolve.
Security teams must get a handle on this shape-shifting entity, validate it often, and fix what needs fixing.
It’s not a form of art. It’s a science.
What’s needed is a platform that can continuously map-n-validate the attack surface and prompt you to fix the gaps that may have been created over time.
The good news – that technology is here. Check out Pentera.
<Previous
A Red Teamer Is Not A Luxury
Someone has to keep us on our toes. Someone must verify that we’re not imprisoned by our own conceptions. Someone must do quality assurance tests on our security controls. We need our red teamers, and we need them badly. “Defense in depth” security practice has become “complex in depth” and the security control stack, policies […]
Next>
Franken-Cyber-Stein
Cybersecurity Defense-in-Depth (DiD) has layers with some redundancies to eliminate a single point of failure and reinforce the control of modern attack vectors. The issue is the ‘glue’ that connects these layers so that they can ideally reinforce each other. In reality, if these systems aren’t integrated tightly together, adversaries will eventually slip in through […]