Security professionals often feel they don’t have enough time to keep up with modern threats. In fact, Crowdstrike researchers have found that top threat actors can go in and out of networks in a matter of minutes. Despite other similar security research reports listing all the ways threat actors can breach a network, they rarely offer a viable solution to combat these risks and often just resign us all to a “we can only do our best” mentality.
I disagree. While I feel that “doing our best” is sufficient for an elementary school project, it’s not the right mentality for an enterprise security team. We as security professionals should strive to be excellent. In order to get there, let’s review some common attack patterns and discuss the best ways to disrupt an attacker’s plan.