He Who Finds the Entry Point First Wins
The amount of news generated around attacks in 2011 has been overwhelming. In just the last week, the reports around SCADA based attacks have reached almost histrionic levels. Attacks on NASA, AT&T & VCU have all been highlighted this month as well. Despite the fact that companies will spend over $8 billion dollars on network security this year, hackers continue to successfully breach networks with an alarming regularity.
In an article on APT's posted on Dark Reading yesterday, Sean Brady from RSA had an interesting quote. He said Identifying the entry point -- where an attacker got into a company's network -- is a key aspect of identifying and responding to an advanced attack. At Firemon, we couldn't agree more. However, we would also ask why wait until you've been attacked to discover the entry point? Why not proactively find the entry point yourself? As clearly indicated by the attack coverage we've seen in the press this year, the attackers are actively looking to find the entry point into your network even as you read this post.
Firemon's new Risk Analyzer technology is designed to proactively find the entry point into your network that can be exploited. Risk Analyzer will also identify where an attacker can pivot off that access point, and what other resources within your network can be compromised. Risk Analyzer will also prioritize what patched vulnerabilities can reduce the greatest amount of risk with the least amount of effort, helping to focus your organization's remediation efforts. Don't be the last to discover the entry points that are exposed in your network; he who finds the entry point first wins.