In IT security, you’re often looking at individual priorities. In the wake of a Distributed Denial of Service (DDoS) attack, you start to reconsider your DDoS protection. When you’re trying to explain how those confidential documents got out into the world, some better encryption would be welcome.
But that’s not an approach that will get you ahead of attackers. Because they rarely use simple methods in isolation.
Individual methods of attack aren’t the preserve of individual attackers. They’re weapons in an arsenal, and attackers will use them in combination to achieve their goals. And that’s why your defence needs to do the same thing.
Securing your infrastructure isn’t about what you do moment-to-moment. It’s not about deflecting one thing an attackers does, only to leave another weakness exposed.
So, just as an attacker would consider their goals and use several methods at the same time, we need to think more about how our forms of protection work together.
Your first priority is retaining a clear overview of what’s happening on your network. BlackStratus LOG Storm and SIEM Storm can collect logs and help you analyse the wealth of intelligence that’s right in front of you. But attackers will often attempt to cloud your vision and distract your attention.
DDoS attacks are rarely what they seem to be. They’re often smokescreens designed to distract you from other areas of your network. Corero’s SmartWall Threat Defense System is a suite of appliances to detect and block attack traffic, helping you retain a clear view.
So you can improve your visibility over your network, use intelligent analysis to eliminate attacks, and mitigate attacks fast.
With or without the smokescreen of a DDoS, attackers still need a way into your network. You’re already protecting the perimeter with a firewall, but there are other ways in. Increasingly, attackers exploit the application vulnerabilities that exist in your unpatched applications – and, with so many third-party applications to discover and update, most organisations leave a huge number of these weaknesses exposed.
Flexera Corporate Software Inspector automates the way you detect vulnerabilities and deploy patches, so you never miss a thing. It draws on real-time intelligence from Secunia Research, so you can understand how critical each vulnerability really is.
Should attackers find a way into your network, you want to control the level of access that they can achieve. In part, that means an intelligent network topography that isolates the most critical systems and equips them with additional security.
Thycotic Secret Server can play a crucial role in this final layer of your defence. All your privileged passwords are stored in an encrypted vault, giving you a detailed audit trail for how they’re used and accessed.
That way, even if attackers find a way past your other defences, their access is severely limited to low-level accounts.
Finally, it’s worth noting that while your security can fit together in an organised stack, it’s not a rigid system. Most solutions do several things at once, and that makes it even harder for attackers to gain access.
For example, Thycotic Secret Server closes a route of access by improving the way you secure passwords. But it also adds another layer of defence should attackers find another way in.