For a long time, Mac security threats weren’t a top of mind concern for security teams and vendors, who primarily focused on securing Windows where they had a much larger footprint. Now, many employees are using Macs to access production infrastructure, presenting new avenues for attackers to exploit.
As attackers continually evolve their tactics, the arsenal of tools at hand for defenders needs to respond to attacker complexity while still enabling day-to-day business to happen.
When it comes to detecting malware, the arms race between attackers and defenders is certainly nothing new. The once seemingly simple battle between nuisance script kiddie worms and simple anti-virus software evolved over time into a much more complex and layered approach towards stopping powerful weapons against organizations to extort, incur damages, and steal intellectual property. For a long time now, malware-detection technologies have become more sophisticated as malware works harder than ever to gain access to a target machine and then conceal its presence as it runs.
MITRE ATT&CK is a trusted tool in the arsenal of many security teams. When it comes to endpoint security, analysts need to stay proactive to ensure their organization remains resolute in the face of growing threats.
For security analysts working on Linux, the lack of flexible, transparent and comprehensive tools is an ongoing problem. As is often the case, security professionals are turning to open-source solutions that can be more easily customized to solve specific problems.
Proper security analytics require big data—a fact that companies are increasingly starting to recognize. Nearly 30% of organizations claim they are collecting, processing, and analyzing significantly more security data than they did two years ago, and 42% acknowledge the future importance of leveraging big data for security purposes. But at the same time, only 13% of companies believe their IT security stack is up to the task of effectively collecting and analyzing data organization-wide.
In a world where development is conducted on a variety of operating systems and hosted on the cloud, having a well-structured development system with integrated security is vital to ensuring that customer solutions are functioning optimally and are secure. This is achieved through DevOps.