“A red-team test is a full-scope engagement that simulates a real-world attacker materializing a threat on an organization,” Amit writes in his paper, “Sexy Defense.” The next step is to have a “red team,” typically composed of outside consultants, attempt to break into the company. Some organizations evaluate their security with “penetration tests,” also known as “pentests.” But you can’t stop there, Amit says, because pentests are simply designed to pass compliance. Security expert Iftach Ian Amit, director of services at security consulting company IOActive, believes that computer security defense needs to be just as romantic as hacking, which is why he calls his methods “ SexyDefense.” However, it’s important to know your legal limits.Īny smart development organization is concerned about security, but there’s considerably more nuance to it these days than just throwing up a wall and a moat and hoping it keeps the dragons out.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |