Good morning folks! I have some updates on the threat side of things that I think are interesting and might help in conversations with your friends and colleagues:
Tag: CTI (Page 10 of 11)
If you are landing here after reading earlier posts, you might be thinking “this is great, but what I REALLY need is to avoid being the next <insert bad breach company here>.” Well, our friends at OWASP (Open Web Application Security Project) are an organization that focuses on improving the security of software. Like any good David Letterman fan, they are famous for their Top 10 list of web application threats, and have followed that up with an API version! Threat modeling for software applications is essential not only to the end customers: with the sheer complexity of today’s typical environments, the legal ramifications of a breach or attack can spell disaster for the hosting company, the software vendor, business partners, ecosystem partners, and the end users alike. It should be no surprise then that OWASP has its own approach to application threat modeling.
To be clear, I don’t want you to raze the Amazon Rainforest here. What I am referring to for this blog post is another visualization technique. Whereas DFDs focused on understanding the flow of information through your systems, Attack Trees are another graphical representation to uncover how an attacker might exploit weaknesses in a system to achieve specific malicious objectives.
We’ve talked about Microsoft’s view of threat modeling, but this next one might appeal to folks with a background in software that doesn’t crash – sorry, I jest, I jest! (or do I?) Well, in this useful method, we’re all about understanding the flow of data across our systems. We’re talking Data Flow Diagrams (DFDs) used in software engineering and systems analysis.
As Sun Tzu might advise, “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” Let’s focus on “knowing yourself” first. We introduced this as an important step to Threat Hunting in a prior post. All organizations should start by identifying and scoping the environment’s key assets, data types, and security controls (both technical and process related). What are you trying to protect? Why are they important? Who needs or uses those things? Threat Modeling is the proactive process that helps you understand and address security risks before they can be exploited by attackers. This requires an understanding of both the environment to be protected and the way threats might overcome those defenses.