Also a very good point by Robert in regards to predicting threat actors' targeting. It's a waste of time to debate whether you are likely to be targeted or not. Focus on deploying robust security controls and always be prepared for the unexpected.
Very interesting that Dragos does not do attribution unless it affects the incident response process. It seems like an efficient way to approach things given that the priority should be to formulate how to properly defend the systems at hand.
Great mapping of Pipedream along Purdue and MITRE, thx Mr. Lee!🙌
Haha love the final part message to the adversaries
Also a very good point by Robert in regards to predicting threat actors' targeting. It's a waste of time to debate whether you are likely to be targeted or not. Focus on deploying robust security controls and always be prepared for the unexpected.
Schrodinger ICS, haha. Good point to invest more in detection and response as opposed to concentrating all resources on prevention.
Lateral movement monitoring. Not just what comes in and goes out.
Very interesting that Dragos does not do attribution unless it affects the incident response process. It seems like an efficient way to approach things given that the priority should be to formulate how to properly defend the systems at hand.
These threat actors are really organized. I didn't know there were separate groups that specialized in access or the activity in itself.
Great talk, Rob!
Great talk
Great Talk
Are you certain the adversaries' tradecraft error wasn't intentional as a warning signal from the adversary nation state to the USA?