Just a few years ago, security orchestration, automation and response (SOAR) was the new buzzword associated with security modernization. Today, however, SOAR platforms are increasingly assuming a legacy look and feel. Although SOARs still have their place in a modern SecOps strategy, the key to driving SecOps forward today is no-code security automation.
This is the second post in the Threat-Based Methodology series. The first post introduced Threat-Based Methodology and the analysis conducted by the FedRAMP PMO and NIST. That post concluded with a list of the top seven controls based on their Protection Value. This post will explore CM-6 in greater depth and explain how Devo supports the ability to meet this control. CM-6, Configuration Settings, was determined to provide the most Protection Value with a score of 208.86.
Given Russia's reputation for highly-sophisticated cyberattacks, the country's invasion of Ukraine has sparked justified fears of an imminent global cyberwar. While, for the time being, Putin’s cyber efforts against Ukraine are surprisingly restrained, this may not be the case for other countries.
Endpoint devices played a big part in malware and ransomware attacks in 2021. According to a study covered by Help Net Security, security researchers detected more malware and ransomware endpoint infections in the first nine months of the year than they did for all of 2020. Attack scripts leveraging PowerSploit, Cobalt Strike, and other tools were particularly prevalent in that nine-month period, having grown 10% over the previous year after having already climbed 666% compared to 2019.
One of the main challenges of OT security is the problem of compatibility. OT components often differ significantly from each other in terms of age and sophistication as well as software and communication protocols. This complicates asset discovery and makes it difficult to establish a consistent cybersecurity governance approach. Combating asset blindness in OT security begins with taking account of these differences.
