Five Black Hat 2022 Takeaways (and One Bonus!)

The range and depth of conversations with the most important people in the industry shed light on today's most pressing issues.

I selected the five most significant ones:

1. The market is constantly trying to find a way to validate

Understanding of the advantages of automated attack simulations that validate security control effectiveness appears to be growing.

The importance of traditional BAS (Breach and Attack Simulation) solutions for fine-tuning security control settings and maximizing effectiveness is much better understood today. This has led to deeper inquiries about the possibility of running end-to-end scenarios that simulate an attacker attempting various strategies to get around barriers.

However, even as traditional BAS has become more widely accepted, with the category seeing a surge in acceptance over the past year, organizations are aware that the scope to be considered is not restricted to validating security control effectiveness. A comprehensive security validation procedure must also incorporate other aspects, such as attack surfaces, IT policies, employee awareness, patch program validation and more.

2. The rule of simplicity!

The biggest concern for prospective validation adopters is complexity. In his keynote address, Chris Krebs, former director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), emphasized the risk that comes from the increasing complexity of the technology stack.

The benefit of BAS technology, when incorporated into the security stack already in place, is that it quickly and efficiently identifies the areas where redundant capabilities bloat the flow of data with no advantage, and pinpoints the areas where configuration tweaks would provide the greatest efficiency return, which helps to prioritize remediation efforts.

Reduced complexity is also made possible by easy access to relevant information and the ability to display it in different formats with one click.

Cymulate's BAS 3-click installation procedure, in conjunction with dynamic dashboards, customizable reports and integrated ticketing, attracted a lot of attention.

3. Keep the board updated

Security concerns are not the only issues. Effective, thorough and timely communication is an increasing concern for executives as they have become aware of the importance of cybersecurity and its impact on their financial results.

Quantifiable data, as well as a security score based on the actual proportion of attacks identified and/or prevented by the defense stack, are much easier to comprehend than baselines determined by estimates of compliance with best practices.

Similarly, the ability to continuously assess and revise results in a gradual increase in the security ratio. This helps in communicating the importance of cybersecurity investments as well as identifying security shifts at their initial stage rather than much later.

Cymulate's powerful analytics system, with custom dashboards, dynamic defaults and reports covering the entire range of security posture areas, provides a complete view of the investments made and their rate of success, and monitors the progress of those investments over time.

4. Finding the Blue Team Red Team divider

A surprising piece of feedback from BAS users, apart from the anticipated advantages in hardening their security posture, was about how it helped to improve the relationship between their internal red and blue teams. How? When blue teams make use of automated validation and assessment capabilities, they are able to automatically validate the effectiveness of their remediation strategies instead of being caught with their pants down by a smirking red team. On the other side of the line, the red team has more time to concentrate on more difficult work and is content to give guidance to blue team members.

In addition, purple teaming collaboration between the blue and red teams is strengthened as they develop advanced scenarios that deepen the analysis of sensitive areas.

5. Prioritization

During their "Calculating Risk in the Era of Obscurity: Reading Between the Lines of Security Advisories" presentation, Brian Gorenc, Senior Director, Trend Micro Zero Day Initiative, and Dustin Childs, Sr. Communications Manager, Trend Micro Zero Day Initiative, critiqued the false sense of security that may come from prioritizing the patching of vulnerabilities with high CVSS scores.

Childs is particularly concerned about the risk of relying on CVSS-based prioritization because it can result in spending limited resources on bugs that have the lowest chance of being exploited. He also cautions against fixating on headline-grabbing trends.

"An unauthenticated remote code execution (RCE) bug in an email server like Microsoft Exchange is going to generate a lot of interest from exploit writers," he added. "An unauthenticated RCE bug in an email server like Squirrel Mail is probably not going to generate as much attention."

Although regularly applying software updates is good practice, it can also give an illusion of security. Childs is critical of the lack of thoroughness in many updates, which either do not mention the exact CVEs fixed and make a general statement that the update has fixed a number of security vulnerabilities, or mention only 10 fixed CVEs but fail to mention the remaining 100 that are also being patched, for example.

According to Childs and Gorenc, the solution to the many patching problems boils down to prioritization in context.

Attack-Based Vulnerability Management (ABVM) prioritizes vulnerability management according to security gaps and actual exposure, as evaluated by vulnerability to attacks.

It considers not only CVSS scores, but also the effectiveness of compensating security controls, the likelihood that an attacker takes advantage of the vulnerability, and the possibility that it will be used to spread throughout the system.

---

Bonus

These were the main lessons we took away from Black Hat but, in addition, we observed huge interest from MSSPs (Managed Security Service Providers) searching for ways to improve the value they offer their customers by showing that they continuously validate the performance of their monitored security services. This includes the ability to quickly access and share data showing the risk-reduction progress they made, to record the improvement in detection and response, and to meet the SLAs they have committed to. MSSPs that used Cymulate gained new revenue streams and an advantage over other MSSPs, all without a lot of effort.

We are returning from Black Hat having gathered valuable feedback about our products. We are working to refine our current features and will be sure to incorporate the many ideas we gained into our new stealth product that is currently in development.
