One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8386765 |
| Date de publication | 2023-09-20 05:00:47 (vue: 2023-09-22 16:02:53) |
| Titre | Toutes les vulnérabilités ne sont pas créées égales: les risques d'identité et les menaces sont la nouvelle vulnérabilité Not All Vulnerabilities Are Created Equal: Identity Risks and Threats Are the New Vulnerability |
| Texte | If the history of cyber threats has taught us anything, it\'s that the game is always changing. The bad actors show us a move. We counter the move. Then, the bad actors show us a new one. Today, that “new move” is the vulnerable state of identities. Attackers realize that even if the network and every endpoint and device are secured, they can still compromise an enterprise\'s resources by gaining access to one privileged account. There is a lot of opportunity to do that, too. Within companies, one in six endpoints has an exploitable identity risk, as research for the Analyzing Identity Risks (AIR) Research Report from Proofpoint found. “Well, that escalated quickly.” The latest Data Breach Investigations Report from Verizon highlights the risks of complex attacks that involve system intrusion. It also underscores the need to disrupt the attacker once they are inside your environment. Once they have that access, they will look for ways to escalate privileges and maintain persistence. And they will search for paths that will allow them to move across the business so that they can achieve their goals, whatever they may be.hey may be. This problem is getting worse because managing enterprise identities and the systems to secure them is complex. Another complication is the constant changes to accounts and their configurations. Attackers are becoming more focused on privileged identity account takeover (ATO) attacks, which allow them to compromise businesses with ease and speed. At least, as compared with the time, effort and cost that may be required to exploit a software vulnerability (a common vulnerability and exposure or CVE). We should expect this trend to continue, given that ATOs have reduced attacker dwell times from months to days. And there is little risk that attackers will be detected before they are able to complete their crimes. How can IT and security leaders and their teams respond? A “back to the basics” approach can help. Shifting the focus to identity protection Security teams work to protect their networks, systems and endpoints in their infrastructure, and they have continued moving up the stack to secure applications. Now, we need to focus more on ways to improve how we protect identities. That is why an identity threat detection and response (ITDR) strategy is so essential today. We tend to think of security in battle terms; as such, identity is the next “hill” we need to defend. As we have done with the network, endpoint and application hills in the past, we should apply basic cyber hygiene and security posture practices to help prevent identity risk. There is value in using preventative and detective controls in this effort, but the former type of control is preferred. (It can cost less to deploy, too.) In other words, as we take this next hill to secure identity threats, we should keep in mind that an ounce of prevention is worth a pound of cure. Identity as a vulnerability management asset type Businesses should consider managing remediation of the identity vulnerabilities that are most often attacked in the same or a similar way to how they manage the millions of other vulnerabilities across their other asset types (network, host, application, etc.). We need to treat identity risk as an asset type. Its vulnerability management should be included in the process for prioritizing vulnerabilities that need remediation. A requirement for doing this is the ability to scan the environment on a continuous basis to discover identities that are vulnerable now-and learn why are at risk. Proofpoint SpotlightTM provides a solution. It enables: The continuous discovery of identity threats and vulnerability management Their automated prioritization based on the risk they pose Visibility into the context of each vulnerability And Spotlight enables fully automated remediation of vulnerabilities where the remediation creates no risk of business interruption. Prioritizing remediation efforts across asset types Most enterprises have millions of vulnerabilities across their |
| Envoyé | Oui |
| Condensat | ability able about access account accounts achieve across actors ahead air all allow also always analyzing another any anything application applications apply approach are around asset associated ato atos attack attacked attacker attackers attacks automated bad based basic basics” basis battle because becoming before being breach break bubble business businesses but can chain changes changing cleaning clear code common companies compare compared compensating complete complex complication compromise configurations consider constant context continue continued continuous control controls copy cost costly counter created creates credentials crimes critical cure cve cves cyber cybersecurity data days defend demand deploy detected detection detective determining device different discover discovered discovery discuss disrupt doing done dwell each early ease easy effectiveness effort efforts enable enables enables: endpoint endpoints enterprise enterprises environment equal: escalate escalated escalating essential etc even every expect experts exploit exploitable exploited exposure factors fairly find focus focused former found free from full fully further gaining game get getting given goals good happens harm has have help hey high highlights hill hills history host how hygiene identities identity idtr importance important improve include included increased infrastructure inside insight interruption intrusion investigations involve itdr its keep key latest leaders learn least left less likelihood list little look lot maintain malicious manage management managing many may millions mind mitigate months more most move move” moving must need network networks new news next not now off offers often once one opportunity other ounce out past paths perimeters perimeters–identity persistence pose posture pound practices preferred prevent preventative prevention prioritization prioritize prioritizing privileged privileges problem process progressing proofpoint protect protection provides quickly realize reduced regression remediate remediated remediating remediation report required requirement research resources respond response risk risks risky same scan search secure secured security shifting should show similar since six software solution speed spotlight spotlighttm stack state stop strategy strength such sufficient surface system systems tactics take takeover taught teams tend terms; testing the: them then these think threat threats time times today too top topic treat trend type types underscores undetected unsecured use using value verizon visibility vulnerabilities vulnerability vulnerable watch way ways webinar webinar: whatever when where which why will within words work worse worth your “back “hill” “new “well |
| Tags | Data Breach Vulnerability Threat Prediction |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.