You can’t defend what you can’t see or don’t know about. The first step in any effective cyber security program is to define your attack surface. With increasingly complex networks, that challenge is only intensifying. Yet 50% of organizations admit to not having a complete picture of their network.
And the attack surface is more than the network. You have to take into account each host and device on that network as well as vulnerabilities unique to each of those systems. This includes ALL devices and hosts – not just the ones directly handling critical data in motion and at rest. Time and again recent history have proven that the bad guys are savvy enough to establish a breach head on a device or endpoint considered “low-value” and then successfully extend their kill chain until they reach what they are really after.
Unfortunately, the thought at many organizations I find is a natural dichotomy between host and network attack surface analysis – both conceptually and in terms of responsibility. But if you don’t cross the host/network attack surface divide, you are going to miss some important risks. To really understand your attack surface, you need more than a map of network segments and list of hosts and their vulnerabilities.
You need to understand all the potential pathways malicious traffic could possibly take through your network – including obscure and indirect paths that don’t immediately look risky or valuable to an attacker. Moreover, you need to be able to juxtapose that network topology and path analysis with your host level security vulnerabilities.
In this real training for free session, we will examine 5 steps for accomplishing this:
- Validate address space
- Quantify edges of network
- Perform path analysis
- Conduct host/device census
- Identify device/host level vulnerabilities
Join us to explore all of these steps and then how to juxtapose and overlay all of this information into a comprehensive, multi-dimensional attack surface.
FireMon is the perfect sponsor for this event and Scott Custer will show you how their unique technology, Lumeta, provides real-time visibility, vulnerability indicators, and risk identification enabling cloud, network, and security teams to find and secure unknown, rogue and shadow IT, network infrastructure, and endpoints.
Please join us for this real training for free session.