Context in Risk-Based Threat Patterns
Risks come from various sources that are not always possible to identify and subsequently prevent and mitigate in advance. With the growth in cloud, social, mobile and “bring your own device” computing, the size of the attack surface is greater than ever. Many attack scenarios are possible mainly due to the complexity of the network’s topology and...
Engineering The Design Of A Threat Pattern
In our journey of developing and maintaining threat patterns, we have now arrived at a critical phase: the design. While the need for an implementation phase is immediate, as well as the evaluation of the background analysis in order to build something meaningful (as explained by my colleague, Demetrio Milea) – the intermediate design phase is the...
The Life Cycle of a Threat Pattern
Applying a structured approach to developing and maintaining significant threat patterns is absolutely key to successfully hunting for the advanced TTPs used by many motivated threat actors. In the post, Context in Risk-Based Threat Patterns, author Demetrio Milea suggested a simple and effective method borrowed from the Software Development Life Cycle (SDLC) to...
Multi-layered Analysis of a Threat Pattern
If you do not fully know the asset, how can you protect it? This is the first challenge security practitioners face during any activity, whether it is a penetration test, code review, risk assessment, or design of a threat pattern. In a previous post, author Davide Veneziano provided an overview of the building blocks required to design a consistent...
The evolution of a Threat Pattern
In an era of agile development and digital transformation, any application is subject to ongoing enhancement and improvement. Indeed, software engineering is a complex process with many interdependent tasks where multiple functions share responsibilities to strike a balance between software quality and business objectives, regardless of the specialized nature of the...
Testing a Threat Pattern: Quality is Never an Accident
John Ruskin, one of the great visionaries of the 19th century, said “Quality is never an accident; it is always the result of intelligent effort.” In our continuing journey through the lifecycle of a threat pattern, we are now at the testing phase. After analyzing requirements, asset and threats, designing a general and reusable model for the threat pattern...
Mastering the implementation of a Threat Pattern
In previous posts we have discussed two of the most critical phases in “The Lifecycle of a Threat Pattern”: analysis and design. In the analysis phase the objective is to fully understand the asset in scope by getting deeper into the context to formulate a set of residual risks to which the asset might be...
Measure your Readiness - Threat Intelligence Program
In the first part of this series we talked about the journey to undertake building a security monitoring and incident response program based on five dimensions: analytics, governance, measurement, operational and organizational. The third main program, also considered a primary capability of an effective Security Operations Center, is the development of tactical,...
UEBA and Evolved SIEM – Foundations of the Intelligent SOC
UEBA. SIEM. Find out what these technologies mean to your SOC.
Behavior Analytics: The Key to Rapid Detection and Response?
The use of detective analytics is now a central piece of security architectures, as security professionals are increasingly encountering a needle-in-a-haystack problem. Security tools – especially rule based ones – as well as systems, applications, and infrastructure, create so much data that it’s tough to uncover the signal of a real attack. Analytic tools help...