Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Where Comodo Engineering Talks
#1
http://techtalk.comodo.com/2020/10/10/ap...tion-asr2/       
Applying Attack Surface Reduction on top of Attack Surface Reduction : ASR2

Where Comodo Engineering Talks
Applying Attack Surface Reduction on top of Attack Surface Reduction : ASR2
Ozer Metin    Endpoint Protection Extended Detection & Response Kernel API Virtualization    October 10, 2020  |    First some definitions/terminologies so that we all know what we are talking about

Threat Actor: A threat actor or malicious actor is a person, entity or an object responsible for an event or incident that impacts, or has the potential to impact, the safety or security of another entity. In Cybersecurity this can only be a “Human” or an “Executable file” (Executable file is any type of a file that sends instructions to the CPU either directly or through interpretation)

Security Posture: is overall security status of all enterprise inventory consist of software hardware assets, networks, services, people, information etc. where covers also security controls and measurements, cyber defense systems and enterprise readiness to react, response and recover from security incidents.

Attack Surface: The sum-total of points on systems (or networks) where an adversary can try breach to the information systems. It is all possible techniques and paths that an attacker can use to gain unauthorized  access to company’s assets.  (Attack surface of your home, from burglar’s perspective could be your doors, windows, chimney, basement, garden etc )

Attack Vector: An attack vector is a path or means by which a hacker can gain access to a computer or network server in order to deliver a payload for malicious outcome. In most cases attack vectors enable hackers to exploit system vulnerabilities.

Vulnerabilities: Official definition of vulnerability is a weakness which can be exploited by a threat actor. We can also define it as deviation of intended behavior of the system due to intended or unintended manipulation of system inputs or states.

So if we use those terms and define them all on the same context, An attack vector is a path or means by which a hacker can gain access to a computer or network server in order to deliver a payload for malicious outcome. In most cases attack vectors enable hackers to exploit system vulnerabilities. All possible attack entry points on systems are collectively termed as “attack surface”. Security Posture of the enterprises might have millions of possible attack entry points “attack surfaces”, some of them have controls or counter measures from attacks, some of them still open to be exploited. But basically systems without an attack surface is impossible.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)