In this, our third and final interview segment with Dan Guido, Co-Founder and CEO of Trail of Bits, Dan talks about security threats, and attack vectors that pose the greatest threat to enterprises today. Watch the interview below.
We also added in a quick summary to cover the highlights of the interview.
How can organizations prepare to face security threats? Dan states that organizations should look at all the attacks that are happening in the industry they are in, (from peers, data releases from security companies), so they can learn from the lessons that other companies have experienced. Dan states that there is not enough sharing of information in the industry about attacker techniques, tactics and procedures that have been used to perform compromises. Companies need to collect and analyze attack data, understand what hackers are doing, and then utilize that information to develop defenses that work against the techniques being used. Security programs should be able to trace back to actual reductions in data loss. Which attack vectors pose the greatest threat to enterprises today? Dan stresses the importance of protecting the entire enterprise from threats, not just protecting one single application. That said, he also notes that attackers interested in financial fraud or credit card theft will be focused on compromising individual applications. To defend against them, enterprises may want to use dynamic web scanning, or source code auditing per application. To view the other interviews with Dan Guido posted as part of this series, click on the links below. 1. Interview with Dan Guido on Vulnerabilities 2. Interview with Dan Guido on Mobile Platforms and BYOD Let us know how you liked this interview series with Dan Guido, and if you have any suggestions for other hot topics you would like to see industry experts discuss.
Written by: Niru Raghavan