Cyber Defense eMagazine June 2020 Edition
Cyber Defense eMagazine June Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine June Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
a single opcode on the customer environment and without sending a single packet—all while<br />
guaranteeing 100% coverage.<br />
● Prioritize alerts based on all available data, while presenting a manageable number of alerts.<br />
It makes no sense to 1) have a vulnerability management agent notify about 1,000 workloads at risk<br />
due to vulnerabilities, then 2) have to go to a CSPM to assess whether there is a real attack vector<br />
involved, followed by 3) having to install another distinct agent-based antivirus solution to detect<br />
existing compromises. That approach doesn’t work. The ideal solution must deliver the functionality<br />
of multiple tools out of the box and provide context-based actionable alerts—not “security concerns<br />
by the kilo.”<br />
A Breakthrough Technique for Deeper Cloud Inspection Across 100% of AWS, Azure, and GCP<br />
Assets<br />
Any solution based on these characteristics must leverage the cloud computing paradigm and abandon<br />
the biases of the physical computing world. It can be achieved by embracing virtualization instead of<br />
devices as the premise of inspection.<br />
Today’s cloud datacenter separates storage devices and compute devices, connecting them via highspeed<br />
fiber optics. This enables a unique approach to deep cloud asset inspection. Through the proper<br />
configuration of privileges and roles, it’s possible to take a “snapshot” of an organization’s bits and bytes<br />
of block storage, rebuild a read-only image of the full environment on the side (i.e., out of band), then<br />
scan through the resulting image to look for risks and vulnerabilities.<br />
This approach can see everything without the hassle of installing agents. It can scan the cloud<br />
configuration, network layout, and security configuration while reading into virtual machines’ disks,<br />
databases, and datastores, as well as logs for all of the cloud assets. It can analyze the data, build a fullstack<br />
inventory, and assess the security state of every discovered asset throughout the stack. All this,<br />
without impacting performance or availability.<br />
Here is the real value of this approach: All of this information can be combined with contextual information<br />
from the cloud infrastructure to gain a context-aware view of the findings—the true level of risk. Context<br />
is important because it helps alleviate alert fatigue on behalf of the security team. Actionable findings can<br />
be immediately prioritized and assigned to security engineers or DevOps developers for mitigation or<br />
follow-up.<br />
Upon completion of data analysis and reporting, the snapshot can simply be deleted without a trace.<br />
There is nothing to maintain or deprovision.<br />
Legacy approaches to security have no place in the cloud. It takes a new mindset that is free from the<br />
past to envision innovative solutions for complete cloud security.<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> –<strong>June</strong> <strong>2020</strong> <strong>Edition</strong> 67<br />
Copyright © <strong>2020</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.