Q: In developing defences against exploits, how do you evaluate the cybersecurity team’s strengths and weaknesses? And which tools and techniques would you prefer to combat the weaknesses?
Here are the answers from the SecPro community members on Evaluating Cybersecurity Strengths and Weaknesses:
Team members are required to learn attack anatomy to understand the root cause. They are then trained to use the tools available to mitigate the risk. Most of the tools are from the open source community, such as the tools that come with Kali Linux, and some others are built internally.
– Khairil, Head of Cybersecurity
There are Red and Blue teams. They defend against advanced cyber attacks.
Red teams are mostly offensive security professionals who are experts in attacking systems and breaking defenses.
Blue teams are defensive security professionals who maintain internal network defenses against all cyber attacks and threats. Red teams simulate attacks against blue teams to test the effectiveness of the network’s security.
These red and blue team exercises provide a full security solution ensuring strong defenses.
– Avishek, Data Scientist
VAPT, Red Team activities and Adversary Simulation can be a good way to test cybersecurity team response capabilities. Integrating the MITRE ATT&CK framework into security processes and leveraging tools like EDR/NDR/XDR, Adversary Simulation systems, and integrated Threat Intelligence tools developed based on the MITRE framework complete the security arsenal.
– Luca, Security Solutions and Operations