Collaborate Disseminate
It’s never too soon to set the stage for your next-generation security operations model. Here are four important considerations to keep in mind.
The post 4 Principles That Should Define Your Evolving Security Operations Model appeared first on Security Intelligence.
Continue reading 4 Principles That Should Define Your Evolving Security Operations Model
Today’s threat landscape requires organizations to operate more proactively to keep up with advanced and persistent threats. There is no doubt that the practice of threat hunting has emerged as a key capability to detect stealthy threat actors trying to gain access to the organizational IT infrastructure by evading traditional security measures. Hunting aims to…
The post Hypothesis in Threat Hunting appeared first on Speaking of Security – The RSA Blog.
In an era of agile development and digital transformation, any application is subject to ongoing enhancement and improvement. Indeed, software engineering is a complex process with many interdependent tasks where multiple functions share responsibilities to strike a balance between software quality and business objectives, regardless of the specialized nature of the teams within the organizational…
The post The evolution of a Threat Pattern appeared first on Speaking of Security – The RSA Blog.
In previous posts we have discussed two of the most critical phases in the “The Lifecycle of a Threat Pattern”: analysis and design. In the analysis phase the objective is to fully understand the asset in scope by getting deeper into the context to formulate a set of residual risks to which the asset might be…
The post Mastering the implementation of a Threat Pattern appeared first on Speaking of Security – The RSA Blog.
Continue reading Mastering the implementation of a Threat Pattern
If you do not fully know the asset, how can you protect it? This is the first challenge security practitioners face during any activity, whether it is a penetration test, code review, risk assessment, or design of a threat pattern. In a previous post, author Davide Veneziano provided an overview of the building-block required to design a consistent…
The post Multi-layered Analysis of a Threat Pattern appeared first on Speaking of Security – The RSA Blog.
Risks come from various sources that are not always possible to identify and subsequently prevent and mitigate in advance. With the growth in cloud, social, mobile and “bring your own device” computing, the size of the attack surface is greater than ever. Many attack scenarios are possible mainly due the complexity of the network’s topology and…
The post Context in Risk-Based Threat Patterns appeared first on Speaking of Security – The RSA Blog and Podcast.