“4D”
A Risk Strategy for Corporate Business Survival
Deter. Detect. Defend. Document.
By Peter L. Higgins
Lesson 3 of a 4 Part Series
The Mission
Defend the target from any actions by the attacker's tools. Targets may include a person, facility, account, process, data, component, computer, Intranet network or Internet. Actions against the target are intended to produce an unauthorized result. Some action categories are labeled:
· Probe
· Scan
· Flood
· Authenticate
· Bypass
· Spoof
· Read
· Copy
· Steal
· Modify
· Delete
The Take Away
In order to understand how to defend your corporate assets, you have to attack them yourself using a continuous combination of tools and tests. Only then will you find out where your single point of failure lies and where the attacker is going to successfully exploit a vulnerability you didn't know existed.