Anatomy of a breach.... A must read post for system and Cloud admin

Food for thought those who do not know, Have you ever think about or know an attacker can be present on a network for more than 200 days before being detected? Imagine the damage that can be done to an organization during that time: Accessing sensitive data about your company, products, employees, and clients. Altering the operating system on every computer in your network. Causing irreparable damage to your company – both in terms of dollars and damaged reputation – before you even know the attacker’s there.
Hackers typically gain con07ol of a network using a privileged account (e.g., domain admin) within 24-48 hours of initiating the attack. They move silently through the network, avoiding actions that would alert IT to their presence. If they are discovered, it’s usually by chance or an external notification.
Do you know how a security breach actually happens?
How hackers get a foothold, and what they do once they’re in?
Most importantly: Are you as secure as you think you are? how a breach actually happens and the steps you can take to help prevent an attack, including:
·       Common ways hackers get into your network, including phishing scams and targeted search results
  •          How hackers set up and manage long-term attacks
  •         Things you can do today to help prevent an attack
  •         The key response phases, including incident response, tactical recovery and s07ategic recovery
  •         Tips for developing an effective communications plan that won’t compromise your data’s security

Above are things need to be put into consideration to save you before it boom!


Comments

Post a Comment

Popular posts from this blog

The request has both SAS authentication scheme and 'Bearer' authorization scheme. Only one scheme should be used

Image
While doing testing after doing a POC on Securing Logic App with Azure Active Directory authentication , where I have put logic app behind APIM and before passing the request to logic app, apim does validation of the token.  I was encountered with an error "The request has both SAS authentication scheme and 'Bearer' authorization  scheme.  Only one scheme should be used." Why it happened After validating the token which is part of the header i.e. Authorization, APIM forwards the request as it is to backend. As  Logic app is configured as  back end , it's url already consist of SAS signature plus the request also has Authorization section and this is the problem. By default every request endpoint on a logic app has a Shared Access Signature (SAS) in the endpoint's URL, which follows this format: https://<request-endpoint-URI>sp=<permissions>sv...
Read more

Getting Started with Logic Apps - AS2

Image
What is AS2? Every enterprise requires some kind of product, service or counselling from another enterprises thus there happens a B2B(business to business) communications, some of the communication is unique whereas most of the communications are common for most of the enterprises e.g., Purchase Order. But every enterprise has there own way(format) of sending the messages, leading to difficult management when number of partners increased.  Considering this the Enterprise leaders decided to have some standards/rules defined across the communication leading to B2B protocol standards which provide guidelines for trading partners to follow when conducting business between enterprises. EDI X12, EDIFACT, TRADACOM etc. AS2 stands for Applicability Statement 2 and is a B2B messaging protocol used to transmit Electronic Data Interchange (EDI)/Business documents from one organization to another. So EDI standards define how to format data and AS2 specifies how to securely transport...
Read more

How to Debug and Trace request in Azure APIM - Portal, Postman, RequestBin

Image
Introduction  APIM is a great option to expose API's with out of box features for applying restrictions, preprocessing, postprocessing etc. You can leverage existing API's,  by importing it and it gets added as a new API with all the operations associated with it. And based on the requirements you  apply policies at the stage/level (Inbound,Backend/Outbound) and you are ready to use the API. Before it is shared, we do some testing to make sure everything is working as per the expectation and this is where Debugging and Tracing request becomes important. APIM does provide a way to Trace a call with the help of  Ocp-Apim-Trace http header. So whichever request/call is to be traced, it needs to include this in header  with the value set to true and it has dependency on another header, so that also needs to be passed i.e.  Ocp-Apim-Subscription-Key Note: The api on which Tracing is to applied , it requires the subscription key to be en...
Read more