NSA Hacker-in-Chief shedding some light
Check out this very enlightening talk about presumably the most well funded nation-state actor on the planet. Few key takeaways:
- Moving laterally is a core part of the strategy
- Exploiting vulnerabilities is far easier than leveraging a Zero Day
- Code injection is highly effective
- Above all else, ensure you have proper prevention/defense capabilities
"And no vulnerability is too insignificant for the NSA to exploit...Don’t assume a crack is too small to be noticed, or too small to be exploited,” he said. If you do a penetration test of your network and 97 things pass the test but three esoteric things fail, don’t think they don’t matter. Those are the ones the NSA, and other nation-state attackers will seize on, he explained. “We need that first crack, that first seam. And we’re going to look and look and look for that esoteric kind of edge case to break open and crack in.”
It is days like this that I’m proud to work at Palo Alto Networks. Along with our committed partner community, we are leading the way to help secure the world’s leading enterprises and institutions, and ultimately protect our way of life in the digital age.
CISO
8 年Good article
AVP Enterprise Sales - A10 Networks | Driving Strategic Growth, Capturing New Business, and Exceeding Revenue Targets Across Enterprise Markets
8 年We will always have a job!!!!!