Mandy, Abel, TED discussed on Cybersecurity Effectiveness Podcast
So they're taking advantage of that trend. And then, you know, ransomware kind of, it's like it flares up and then fizzles, and flares up and fizzles, and so we're seeing some ransomware again, as Phobos, GandCrab, a handful of others. And it's just like the regular M- just goes in cycles. And then of course, targeting web applications, APIs, you know, for exploit. So they're always scanning what's out on the web from an application standpoint that might still be susceptible to all the old trusties like cross-site scripting, SQL injection or other exploit methods. They might target the underlying platforms too, if you're running on like a content management system or something like that, they target that as well. So it's a lot of that, Ted. Anyone who's been in security for a while, it sounds really familiar. Not seeing a whole lot of novel stuff, like just, hey, here's something that's really flashy, really new, and be aware of this. So. They don't need it. I mean, when we first started Verodin, now Mandiant Security Validation. But when I started up, the whole idea was, did we want to keep on chasing zero days and the is It out of these the. Late stage threat analysis frameworks that were put out, or do we want it based on behaviors, and we said look, there's only a finite number of malicious behaviors, whether it's related to lateral movement or data exfiltration, C2 or business logic attacks. Now, the attacks that ride on top of them are going to be completely different, but they're always going to follow this process. So we tried to, yeah, yeah. Yeah, it's never ending if you try to trace every single attack type. You mentioned something as well. I'm hearing a lot of folks like you, people that are managing large security infrastructures, talking about just simple cloud misconfigurations leading to, you know, the extra buck on the wrong side.
So maybe the architecture was supposed to go WAF, web application, traditional firewall, database, application, and because of a few incorrect keystrokes the WAF and the firewall are on the wrong side and the database and application is on the other side. It was really hard to do that in your local data center because you'd have to change routing and cables around, but it's a couple of keystrokes, right? Cloud and that seems to be happening a lot actually. It really is, and there governance at scale really kicks in, and I'm sure we could touch on that in a bit, but that's definitely a newer paradigm to a lot of companies that are wading into the cloud. One that had would strongly everyone be very conscientious of when you're developing, defining cloud strategies is to figure out how to address configurations. I would wager that the number of cloud incidents, or percentage of incidents, that are due to misconfigurations is probably, you know, in the eighty to ninety percent range. I think you're absolutely right. You know. Zero days and fundamental flaws in cloud infrastructure that are allowing these types of exploits to happen. It's just how people are setting things up. Yeah. Yeah. Well, let's talk a little bit about governance and maybe some of the other trends as well that saying things that are how they're evolving right now.