A look at modern adversary behavior and the usage of open source tools in the enterprise

2020-07-17 07:42

That's the reason why companies should constantly test their environments against TTPs. The baseline profiling of your core network components, OS, devices and apps, adversary simulations, achieving full visibility and analytics across many different network data sources, correlation, and understanding of how each component affects the other one seems like a good approach for dealing with cybersecurity risks.

What's your take on using open source tools within an enterprise security architecture?

From the offensive perspective, it's amazing how many free open source tools help with the execution of adversary simulations, penetration testing services or just doing research.

Open source delivers flexibility - and I am sure most of the red teamers use or create open source projects while working for large companies.

From a defensive point of view, OSS is in use almost everywhere and assuming that even if a huge part of the enterprise infrastructure is based on commercial products, you will find open source components.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/qJFwtbmtV3E/

#opensource #tools