One of the key areas we can automate our defensive posture is understanding how the network we are defending looks. One of my SANS instructors once said: “you cannot protect what you don’t know about.”

At the time I was working for an organization that had 12,000+ assets ranging from the latest and greatest operating systems to hosts running custom software built utilizing Fortran, which I had no experience using. We needed a tool to help us identify hosts and vulnerabilities as well as meet NIST compliance. The tool I would choose today for that would be Tenable. Their current lifecycle blog goes in depth into this area.

The weakest spots in an organization’s security posture occur at the intersection of attack surface, avenues of attack (attack vectors) and obstacles/ (lack of) controls in place. Identifying these weak spots should be the first objective of all cybersecurity programs. This is also where several fail, due to weak visibility and understanding during that crucial “identify” phase.

Cody Jackson
Latest posts by Cody Jackson (see all)