Data Seepage: How to Give Attackers a Roadmap to Your Network
by HNS - Thursday, 14 June 2007.
At Black Hat Europe we met with Robert Graham and David Maynor, the CEO and CTO of Errata Security. In this video they talk about how the days of widespread internet attacks are long gone. What's more popular now are more directed or targeted attacks using a variety of different methods. This is where data seepage comes in. Unbeknownst to a lot of mobile professional's laptops, PDAs, even cell phones can be literally bleeding information about a company's internal network. All this information can be used by an attacker to make attacks more accurate with a higher likelihood of success.
Discussions about security intelligence still focus primarily around conventional reactive SIEM. Security pros need to move from this reactive model to proactively using this security intelligence to protect their businesses.
Today almost every company is dealing with big data in one way or another – including customer data, tracking data, and behavioral marketing information – connecting every aspect of our lives. While this is a cutting edge use of technology, data monitoring can become dangerous when placed in the wrong hands.
Robert Hansen, Vice President of WhiteHat Security Labs, discusses the evolution of web application security, offers advice on how to improve web application security practices, recommends tools, and more.