We’re all human: we make mistakes. Unfortunately, there will always be people trying to take advantage of our mistakes for their own benefit, which can cost our business tremendous financial loss. No matter how sophisticated our cyberdefenses are, how advanced our technologies are, how good our security practices are, we will always be constrained by this human factor.
In this newsletter, we’ll cope with the Pushing Left approach. What is this approach? Why do we need it?
In the first episode, we have seen what is deception technology. Let’s discover how to get started.
The term Deception technology might be unknown or obscure to you, and that is perfectly normal considering it refers to one of the latest trend in the cybersecurity field. Its concepts are however quite intuitive and easy to understand, and based on other well-known technologies such as Honeypots.
From an external or an internal perimeter, an attacker will look for weaknesses on the workstation or the server she just gained access. After web server breach in a DMZ or a workstation in the user LAN, her goal is to get access to other machines, to sensitive information that needs more authorization and accesses, taking advantage of machines weaknesses.
Most of the time, the local privilege escalation is a technique that pays off.
Threat Intelligence (TI) is one of these new trendy words in the cybersecurity world. Many vendors offer their own solution of threat intelligence. In the present era of information, the challenge is finding the right solution on time. Sometimes it is like finding a needle in a haystack, but, luckily not always. And this is what TI is about, about going through huge amount of data to find relevant information and use it.
This newsletter will dive deep into the underlying issues of TI, and describes typical pitfalls usually encountered when learning to use it.