{"id":6092,"date":"2022-09-20T15:11:37","date_gmt":"2022-09-20T19:11:37","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=6092"},"modified":"2022-09-23T16:41:18","modified_gmt":"2022-09-23T20:41:18","slug":"think-like-an-attacker-to-improve-your-security-posture","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/","title":{"rendered":"Think Like an Attacker to Improve Your Security Posture"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-6093\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture.jpg\" alt=\"attackers\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture-300x150.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture-768x384.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture-540x270.jpg 540w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture-162x81.jpg 162w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify;\"><em><strong>As part of Solutions Review\u2019s Premium Content Series\u2014a collection of contributed columns written by industry experts in maturing software categories\u2014\u00a0 With hackers and state-sponsored attackers on the rise, Lior Zatlavi of <a href=\"https:\/\/ermetic.com\/\" target=\"_blank\" rel=\"noopener\">Ermetic<\/a> wants you to think like an attacker to improve your approach to cybersecurity.<\/strong><\/em><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-6002 alignleft\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/07\/SR-Premium-Content.gif\" alt=\"Premium Content\" width=\"105\" height=\"110\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/07\/SR-Premium-Content.gif 105w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/07\/SR-Premium-Content-77x81.gif 77w\" sizes=\"(max-width: 105px) 100vw, 105px\" \/>Defending against cyber-attacks gets more complex every day. Cyber-criminals are nothing if not creative and constantly evolving their tactics. Most CISOs and CSOs want to be more proactive, but often maintain a cookie-cutter approach with a fixed set of technologies and tools while relying on security vendors to enhance their detection and prevention capabilities. Instead, defenders need to match the creativity and flexibility of their adversaries and think outside the software vendor box to manage risk and reduce their attack surface.<\/p>\n<p style=\"text-align: justify;\">The best way to do that is to think like an attacker.<\/p>\n<p style=\"text-align: justify;\"><br \/>Widget not in any sidebars<br \/><\/p>\n<h2 style=\"text-align: justify;\"><strong>Think Like an Attacker&#8230;<\/strong><\/h2>\n<hr \/>\n<p style=\"text-align: justify;\">Recently, the CSO of a large enterprise that had experienced a series of breaches determined they were likely part of an attack campaign, so he hired an offensive security firm to study the incidents and hone in on the attacker\u2019s objective. After studying logs of attacks carried out over two years, the investigators zeroed in on one management application in use that seemed to be the ultimate target for the hackers. With that insight, the organization set up a trap: a \u201chack-back\u201d operation that opened a harmless back door to the network, \u201cfingerprinted\u201d the attacker and traced the activity back to its source, and with the help of law enforcement shut down the threat. Based on the intelligence gathered from the investigation, the organization also modified its configurations to prevent similar attacks in the future, and engaged penetration testing experts to gain more context on potential threats to its environment.<\/p>\n<p style=\"text-align: justify;\">Organizations can no longer assume they are safe from hackers. Supply chain attacks have become common, with attackers breaching a vendor or partner company as a way to open a back door to a more valuable target. Assuming systems have or will be breached and minimizing the potential for damage&#8211; reducing the \u201cblast radius&#8221;&#8211; is the way to manage this risk. Knowing who\u2019s attacking your network and why can be an excellent first step to establishing a defensive posture that can stay in step with emerging threats. This insight can help build a more robust security plan and gain buy-in from stakeholders. The stereotype of a loner in a hoodie, hacking from his parent&#8217;s basement, is woefully out of date.<\/p>\n<h3 style=\"text-align: justify;\"><strong>The Modern Day Attacker<\/strong><\/h3>\n<p style=\"text-align: justify;\">Today, cyber attackers fall into two major categories that shape much of their activities: cyber-criminals and nation-states. State-sponsored hackers are usually spies, although sabotage is another strong motive. Remember the hack of emails from Sony in 2014 was retaliation for a movie critical of the North Korean leader. But nation-state hackers are mainly tactical; for example, federal authorities recently warned that Chinese state-sponsored hackers are breaking into U.S. telecommunications networks.<\/p>\n<p style=\"text-align: justify;\">While most cyber-criminals are profit-motivated, such as DarkSide, the group that cashed in on the ransomware attack against Colonial Pipeline in 2021, some activist groups also carry out attacks like the hacker collective Anonymous that carried out a campaign against Russian targets in the wake of the invasion of Ukraine. Financially-motivated hackers have even evolved a new subset: cyber-attacks as a service, which offers all the tools and capabilities for an attack to a less-proficient criminal&#8211; for a price. These criminal networks often include ex-military personnel and sophisticated hackers, so they sometimes overlap with state-sponsored hacker networks.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Know Thy Enemy<\/strong><\/h3>\n<p style=\"text-align: justify;\">Knowing which attacker to worry about is a good first step. The two groups have different motivations, and tend to favor different targets. So proactive protection against one can be different from another. A defense contractor may need to worry about both cyber-criminals and state-sponsored hackers. Whereas a company that doesn\u2019t work in defense or national security should worry more about financially-motivated cyber-criminals staging ransomware or denial-of-service attacks, looking for a payoff.<\/p>\n<p style=\"text-align: justify;\">Determining what to protect is equally important. Identifying the organization&#8217;s crown jewels- those sensitive, high-value assets a cyber-criminal may target- makes it easier to figure out where an attacker may strike and how. It narrows the search for weak spots and possible ways an attacker might exploit them. Finally, map all the potential attack vectors and segment the crown jewels from the rest of the network and public interfaces in use. This makes it much easier to reduce risk and implement the right security controls. Following the best practices outlined above can provide a starting point for moving to an attacker-mindset approach for defending the organization from threats. Starting small will enable the security team to gradually expand its repertoire of skills and capabilities in order to make offensive thinking a guiding principle of the organization\u2019s security strategy.<\/p>\n<p style=\"text-align: justify;\"><br \/>Widget not in any sidebars<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As part of Solutions Review\u2019s Premium Content Series\u2014a collection of contributed columns written by industry experts in maturing software categories\u2014\u00a0 With hackers and state-sponsored attackers on the rise, Lior Zatlavi of Ermetic wants you to think like an attacker to improve your approach to cybersecurity. Defending against cyber-attacks gets more complex every day. Cyber-criminals are [&hellip;]<\/p>\n","protected":false},"author":323,"featured_media":6093,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5,1],"tags":[1280,16,2016,530,1252,1994,506,2014,2015],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Think Like an Attacker to Improve Your Security Posture<\/title>\n<meta name=\"description\" content=\"With state-sponsored attackers on the rise, Lior Zatlavi of Ermetic wants you to think like an attacker to improve your approach to cybersecurity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lior Zatlavi\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/\",\"name\":\"Think Like an Attacker to Improve Your Security Posture\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture.jpg\",\"datePublished\":\"2022-09-20T19:11:37+00:00\",\"dateModified\":\"2022-09-23T20:41:18+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/b85b3b3ce70dd23e1611e52517bff466\"},\"description\":\"With state-sponsored attackers on the rise, Lior Zatlavi of Ermetic wants you to think like an attacker to improve your approach to cybersecurity.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture.jpg\",\"width\":800,\"height\":400,\"caption\":\"attackers\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Think Like an Attacker to Improve Your Security Posture\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Identity and Access Management Solutions | Solutions Review\",\"description\":\"Evaluating Enterprise IAM Software, Identity Governance &amp; Access Control Tools.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/b85b3b3ce70dd23e1611e52517bff466\",\"name\":\"Lior Zatlavi\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ab0ec54b80e89682e0f12c2b49ea5ba1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ab0ec54b80e89682e0f12c2b49ea5ba1?s=96&d=mm&r=g\",\"caption\":\"Lior Zatlavi\"},\"description\":\"Lior Zatlavi is Senior Cloud Security Architect at Ermetic. He has more than 15 years of experience in cybersecurity, working for the Israeli government and with the elite cybersecurity unit of the Israel Defense Forces (IDF). Lior is a Certified Information Systems Security Professional (CISSP), has a Master of Science in Electrical Engineering from Tel Aviv University, and a Bachelor of Science in Applied Mathematics from Bar Ilan University.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/lzatlavi\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Think Like an Attacker to Improve Your Security Posture","description":"With state-sponsored attackers on the rise, Lior Zatlavi of Ermetic wants you to think like an attacker to improve your approach to cybersecurity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/","twitter_misc":{"Written by":"Lior Zatlavi","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/","url":"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/","name":"Think Like an Attacker to Improve Your Security Posture","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture.jpg","datePublished":"2022-09-20T19:11:37+00:00","dateModified":"2022-09-23T20:41:18+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/b85b3b3ce70dd23e1611e52517bff466"},"description":"With state-sponsored attackers on the rise, Lior Zatlavi of Ermetic wants you to think like an attacker to improve your approach to cybersecurity.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Think-like-an-Attacker-to-Improve-Your-Security-Posture.jpg","width":800,"height":400,"caption":"attackers"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/think-like-an-attacker-to-improve-your-security-posture\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Think Like an Attacker to Improve Your Security Posture"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Identity and Access Management Solutions | Solutions Review","description":"Evaluating Enterprise IAM Software, Identity Governance &amp; Access Control Tools.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/b85b3b3ce70dd23e1611e52517bff466","name":"Lior Zatlavi","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ab0ec54b80e89682e0f12c2b49ea5ba1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ab0ec54b80e89682e0f12c2b49ea5ba1?s=96&d=mm&r=g","caption":"Lior Zatlavi"},"description":"Lior Zatlavi is Senior Cloud Security Architect at Ermetic. He has more than 15 years of experience in cybersecurity, working for the Israeli government and with the elite cybersecurity unit of the Israel Defense Forces (IDF). Lior is a Certified Information Systems Security Professional (CISSP), has a Master of Science in Electrical Engineering from Tel Aviv University, and a Bachelor of Science in Applied Mathematics from Bar Ilan University.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/lzatlavi\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/6092"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/323"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=6092"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/6092\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/6093"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=6092"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=6092"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=6092"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}