Just a quick post today.
No matter how good your security is, it is only as good as the worst public site your users access outside of work. This means you may have a great password policy, great AV, outstanding monitoring, hired the #1 hacker in the world for testing and you can still be compromised because a user had an account at Sega.
Why? Because they used the same password at Sega that they use on your site. This is important because I think there are very few (if any) products out there that can adequately address this issue.
How do you detect an attack that is effectively the same difficulty to identify as an insider?
We will address this throughout the rest of this week’s posts.
PaulDotCom will be teaching Offensive Countermeasures at Black Hat July 30-31