Keeping corporate IT networks secure from external attack is a constant task for security teams. However, spotting threats that have already breached defences can be an even bigger challenge. … Sophisticated phishing attacks can trick users into downloading infected files or visiting compromised web pages. A simple mistake can mean that, even with the best …
While the coronavirus pandemic has furloughed millions of Australian workers, IT security professionals have been hard-pressed; managing ongoing challenges and implementing solutions to new ones. … Ongoing uncertainty and recessionary conditions triggered by the coronavirus shutdowns mean Australian businesses face a tough journey back to profitability and growth. Scalable and resilient ICT infrastructure and systems …
While change is to be expected, it poses challenges for those charged with securing environments, writes Jim Cook. … For many law firms, the COVID-19 pandemic has been their first real-world test of a majority remote worker scenario. Many firms already had flexible remote work arrangements, whether an occasional work-from-home day for teams or certain …
The momentum of IoT adoption is showing no signs of slowing, and with it comes increasingly material risk for both businesses and households. The quest for innovation has allowed for security to fall behind, and as a result, these devices have infiltrated our lives while creating an environment where attackers can exploit these solutions for anything from ransomware to extensive denial of service attacks, says Carolyn Crandall, chief deception officer at Attivo Networks.
Some of the greatest survivors in nature are those that fool predators in order to derail their attack. This allows them to realise the threat and make their escape or fight back. Take, for instance, the juvenile Damselfish. When threatened by predators, this marine marvel shrinks its eyes and grows a large spot on its tail to look like an eye. Having such a decoy deceives anything wishing to dine on the Damselfish into attacking the tail rather than the head. The fish can then swim off to safety while at the same time circumventing its demise. Similar forms of cunningness can also be seen with butterfly fish, octopus, chameleons, and tree frogs, which are all adept at using various forms of camouflage as a defense against predators.
The next generation of penetration testing represents a more collaborative approach to old fashioned Red Team vs. Blue Team. In 1992, the film Sneakers introduced the term “Red Team” into popular culture as actors Robert Redford, Sydney Poitier, Dan Aykroyd, David Strathairn, and River Phoenix portrayed a team of security experts who hire themselves out to organizations to test their security systems by attempting to hack them. This was a revolutionary concept at the time — the term “penetration test” didn’t even exist yet, and the idea of a friendly security team trying to break through a company’s defenses wasn’t exactly commonplace. Today, penetration testing is an important part of any cybersecurity system, and both internal and external Red Teams play a critical role in that process.
With three in five enterprises now going or planning to go serverless, the attack surface widens. At least one in five organizations, 21%, have implemented serverless computing as part of their cloud-based infrastructure. That’s the finding of a recent survey of 108 IT managers conducted by Datamation. Another 39% are planning or considering serverless resources. The question is, will serverless computing soon gain critical mass, used by a majority of enterprises? Along with this, what are the ramifications for security?
Job No. 1 for any provider of security services is to keep bad guys out of customer environments. When those efforts fail—and they will eventually, no matter how good you are—Job No. 2 is spotting the breach and mitigating its effects. That’s where Attivo Networks aims to help. In a new spin on the threat detection and response products businesses increasingly use to undo the effects of successful attacks, Attivo makes a threat deception and response solution that employs various kinds of decoys and lures to fool intruders into exposing their presence inside the firewall. Preassembled incident response processes can then kick in to implement automated, orchestrated remediation measures. The system is designed to be easy enough for small businesses to deploy and operate, and it’s priced to fit SMB budgets as well.
Unlike other security solutions, Attivo focuses on detecting the threats that have bypassed perimeter security controls, which all determined attackers eventually do. Highly authentic deception traps, along with data, application, and credential lures are deployed to attract an attacker into engaging and revealing their presence. This is quick, efficient, and customers have cited being able to detect and respond to threats in 15 minutes, a dramatic difference compared to the 100+ days of dwell time that many organizations contend with. The solution also adds continuous detection value throughout the phases of the kill chain.