Please enable JavaScript.

Coggle requires JavaScript to display documents.

Security Assessment Techniques, Threat Actors - Coggle Diagram

- - - - So scan to look for
        vulnerabilities,
        now want to look for
        signs of attack(s)
        
        And analysing data
        
        System generates
        log events
        
        Syslog Client
        collects these events
        and sends to server
        
        Syslog server
        connect data to
        Security Info platform
        e.g. SIEM
        
        Security managed
        with simple log data
        
        1 more item...
        
        Analysed data is
        used to hunt attackers
        
        Targeted Thread Hunting
        
        Rather than wait for attack
        organisation assumes attack
        has already happened
        
        Assumptive
        
        1 more item...
        
        Analysed data is
        used to prevent attacks
      - Assessment includes
        scanning for vulnerabilities
        
        Scanning for vulnerabilities includes
        misconfigurations
        , security controls (aka policies and permissions),
        default settings,
        patch management
        
        Vulnerabilities details
        are taken from databases
        
        CVE
        (Common vulnerabilities
        Exposures)
        
        Vulnerabilities can be found
        in 2 areas (or vectors), application
        and network
        
        Networks
        
        1 more item...
        
        Applications
        source code, static binaries,
        or web
        
        1 more item...
        
        Contains CVSS score system
        ID, and description