Cyber Kill Chain: How To Keep Network Intruders At Bay
Disrupting The Cyber Kill Chain - Choking the Attack Where it is Vulnerable - APIs, Server Integrity and Identities

Our adversaries follow a fairly well-defined process to gain access, establish residency and explore our networks. If we understand how they act during each of these phases, we can make huge strides in curtailing their exploits. In this session we'll examine some leading-edge methodologies for defeating each phase of the attack:
Getting In - Insecure APIs - With the growing deployment of inter-application communications, attacks such as those at Snapchat, Yahoo and Tesla are increasingly leveraging insecure APIs as a way to get into the network. We'll discuss how API protection can be implemented to minimize these vulnerabilities.
Staying In - Malicious code is very vulnerable while it is being installed and as it attempts to become resident. We'll explain how continuously refreshing the integrity of servers prevents malware from establishing a foothold.
Acting - Credentials are one of the primary targets of attackers, especially those with extensive privileges to a broad array of resources within your infrastructure, as there is no need to hack layers of defenses if you have the keys to every door in the house. We'll see how fine-grained access control can be implemented, giving authorization only to those individuals who need it and tracking access to resources.