Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like castles with strategic layouts to withstand attacks, the Defense-in-Depth strategy is the modern counterpart: a multi-layered approach with strategic redundancy and a blend of passive and active security controls.
However, the evolving cyber threat landscape can challenge even the most fortified defenses. Despite the widespread adoption of the Defense-in-Depth strategy, cyber threats persist. Fortunately, the Defense-in-Depth strategy can be augmented using Breach and Attack Simulation (BAS), an automated tool that assesses and improves every security control in each layer.
Defense-in-Depth: False Sense of Security with Layers
Also known as multi-layered defense, the defense-in-depth strategy has been widely adopted by organizations since the early 2000s. It is based on the assumption that adversaries must breach multiple defense layers to compromise valuable assets. Since no single security control can provide foolproof protection against the wide array of cyber threats, defense-in-depth has become the norm for organizations worldwide. But if every organization uses this strategy today, why are security breaches still so common?
Ultimately, the primary reason is a false sense of security from the assumption that layered solutions will always function as intended. However, organizations should not put all their faith in multi-layered defenses; they must also stay up to date against new attack vectors, possible configuration drifts, and the complex nature of managing security controls. In the face of evolving cyber threats, unsubstantiated trust in defensive layers is a security breach waiting to happen.
Perfecting the Defense-in-Depth Strategy
The defense-in-depth strategy promotes using multiple security controls at different layers to prevent and detect cyber threats. Many organizations model these layers around four fundamental layers: Network, Host, Application, and Data Layers. Security controls are configured for one or more layers to maintain a robust security posture. Typically, organizations use IPS and NGFW solutions at the Network Layer, EDR and AV solutions at the Host Layer, WAF solutions at the Application Layer, DLP solutions at the Data Layer, and SIEM solutions across multiple layers.
Although this general approach applies to nearly all defense-in-depth implementations, security teams cannot simply deploy security solutions and forget about them. In fact, according to the Blue Report 2023 by Picus, 41% of cyber attacks bypass network security controls. Today, an effective security strategy requires a solid understanding of the threat landscape and regularly testing security controls against real cyber threats.
Harnessing the Power of Automation: Introducing BAS into the Defense-in-Depth Strategy
Understanding an organization's threat landscape can be challenging due to the vast number of cyber threats. Security teams must sift through hundreds of threat intelligence reports daily and decide whether each threat might target their organization. On top of that, they need to test their security controls against these threats to assess the performance of their defense-in-depth strategy. Even if organizations could manually analyze each intelligence report and run a traditional assessment (such as penetration testing and red teaming), it would take far too much time and too many resources. Long story short, today's cyber threat landscape is impossible to navigate without automation.
When it comes to security control testing and automation, one particular tool stands out among the rest: Breach and Attack Simulation (BAS). Since its first appearance in Gartner's Hype Cycle for Threat-Facing Technologies in 2017, BAS has become a valuable part of security operations for many organizations. A mature BAS solution provides automated threat intelligence and threat simulation for security teams to assess their security controls. When BAS solutions are integrated with the defense-in-depth strategy, security teams can proactively identify and mitigate potential security gaps before malicious actors can exploit them. BAS works with multiple security controls across the network, host, application, and data layers, allowing organizations to assess their security posture holistically.
LLM-Powered Cyber Threat Intelligence
When introducing automation into the defense-in-depth strategy, the first step is to automate the cyber threat intelligence (CTI) process. Operationalizing hundreds of threat intelligence reports can be automated using deep learning models like ChatGPT, Bard, and LLaMA. Modern BAS tools can even provide their own LLM-powered CTI and integrate with external CTI providers to analyze and track the organization's threat landscape.
Simulating Attacks in the Network Layer
As a fundamental line of defense, the network layer is often tested by adversaries with infiltration attempts. This layer's security is measured by its ability to identify and block malicious traffic. BAS solutions simulate malicious infiltration attempts observed "in the wild" and validate the network layer's security posture against real-life cyber attacks.
Assessing the Security Posture of the Host Layer
Individual devices such as servers, workstations, desktops, laptops, and other endpoints make up a significant portion of the devices in the host layer. These devices are often targeted with malware, vulnerability exploitation, and lateral movement attacks. BAS tools can assess the security posture of each device and test the effectiveness of host layer security controls.
Exposure Assessment in the Application Layer
Public-facing applications, like websites and email services, are often the most critical yet most exposed parts of an organization's infrastructure. There are countless examples of cyber attacks initiated by bypassing a WAF or a benign-looking phishing email. Advanced BAS platforms can mimic adversary actions to ensure security controls in the application layer are working as intended.
Protecting Data Against Ransomware and Exfiltration
The rise of ransomware and data exfiltration attacks is a stark reminder that organizations must protect their proprietary and customer data. Security controls such as DLPs and access controls in the data layer secure sensitive information. BAS solutions can replicate adversarial techniques to rigorously test these protection mechanisms.
Continuous Validation of the Defense-in-Depth Strategy with BAS
As the threat landscape evolves, so should an organization's security strategy. BAS provides a continuous and proactive approach for organizations to assess every layer of their defense-in-depth approach. With proven resilience against real-life cyber threats, security teams can trust their security controls to withstand any cyber attack.
Picus Security pioneered Breach and Attack Simulation (BAS) technology in 2013 and has helped organizations improve their cyber resilience ever since. With Picus Security Validation Platform, your organization can supercharge its existing security controls against even the most sophisticated cyberattacks. Visit picussecurity.com to book a demo or explore our resources like the "How Breach and Attack Simulation Fits Into a Multi-layered Defense Strategy" whitepaper.
To grow your understanding of evolving cyber threats, explore the Top 10 MITRE ATT&CK techniques and refine your defense-in-depth strategy. Download the Picus Red Report today.
Note: This article was written by Huseyin Can Yuceel, Security Research Lead at Picus Security, where simulating cyber threats and empowering defenses are our passions.
Some parts of this article are sourced from:
thehackernews.com