Don’t expect a whole lot from your expensive new security tools unless you first master the basics.
That’s the message in a new report from the Secureworks incident response team that draws lessons from their experience in over 1000 IR engagements last year. Time and again in 2018, responders and security analysts saw threat actors exploit basic security gaps to circumvent expensive security stacks.
The new Secureworks Incident Response Insights Report 2019 shows how organizations are undermining their security programs by leaving gaps in security fundamentals that gift easy opportunities to threat actors. As a result, the adversaries gravitated toward known successful tactics and needed only moderate evolution to achieve success. Use of native tools and other living off the land techniques helped them evade detection. Frustratingly, many of the gaps our team saw can be effectively addressed with measures like multi-factor authentication.
The report examines the methods threat actors used to gain access and provides advice on prioritizing your efforts to protect against present day threats. You’ll also learn the 5 most common misconceptions our incident response team hear from organizations with large blind spots. Maybe you’ll have heard some of them before?