Defenders are tasked with securing business-critical applications they don’t operationally own or control. As evidenced bythe OWASP Top 10, targeting application vulnerabilities has been a consistent and reliable vector for attackers. Rapidapplication development and the rising complexity of distributed and hybrid environments increase the difficulty ofsecuring these applications exponentially. Defenders must adopt a mindset of assuming their organization will bebreached and implement a focused and effective strategy to detect, isolate, and stop an attacker once a breach occurs.
Frameworks like MITRE ATT&CK™ are emerging as a reliable first step in categorizing attacker behaviors that defenders and defensive controls must learn to prevent, detect, and respond to as part of the “assume breach” mindset. By comparing controls and systems against attacker behaviors, organizations can establish an accurate baseline and prioritize infrastructure adjustments to gain better visibility and increase controls effectiveness.
Security professionals know that implementing advanced defenses like micro-segmentation and app control can dramatically increase the level of effort necessary for an attacker to be effective once an application has been breached but, historically, these approaches have been challenging to get right.
Wanneer je dit whitepaper download ga je ermee akkoord dat je door de leverancier benaderd kan worden.