Unless you’ve been asleep recently, you’ll probably be aware of MITRE’s ATT&CK framework. This is a game changer for defenders as it maps out the common threats that an enterprise will face. ATT&CK aligns this to protective and detective controls and allows everyone within the enterprise to speak a common language on how attackers might […]
These blue team actions should be performed on top of any specific remedial actions that are carried out to resolve specific issues.
The Team believes that the likelihood of a successful Internet delivered attack by either a malicious insider or via an external actor is high, given the systemic failures identified in these scenarios.
Having defined the scenarios, you can see how these could be linked together in different ways to form comprehensive attack vectors.
In what was an interesting change to the usual technical and risk/compliance focused consultancy, the Team carried out a War Games exercise - similar to a "Red Team" engagement.
Have you ever wondered about how the everyday information available on your network could compromise your entire organisation? I lead the Cisco Security Advisory Services team in EMEAR. We recently performed a “Red Team” exercise in which our client set us the objective of attempting to gain access to their client database. For the uninitiated: […]
