Snarky Security

CTEM Unpacking (Video & Audio)

Audio Podcast (Check out Mave or other suitable podcast platform)
Let’s dive into the thrilling world of Continuous Threat Exposure Management (CTEM), shall we? CTEM, in its infinite wisdom, is not just a fancy tool or a magical technology wand you can wave to make all the bad cyber gremlins go away. No, it’s a convoluted five-step program that includes scoping, discovery, prioritization, validation, and mobilization. Because why make things simple when you can turn them into a bureaucratic nightmare?
Now, let’s talk about the tools and technologies that make CTEM tick. We’ve got CAASM (Cyber Asset Attack Surface Management), EASM (External Attack Surface Management), EM (Exposure Management), and RSAS (Red Team Automation Systems). These acronyms sound like something out of a dystopian sci-fi novel, don’t they? They’re crucial for peeking into every nook and cranny of your organization’s digital environment, including that forgotten server from 2003 that everyone’s too scared to touch.
Moving on to the methodology, which is as straightforward as assembling IKEA furniture without the manual. First, we have scoping, where you pretend to know what you’re doing by defining the initial exposure scope. Then there’s discovery, where you play digital detective and hunt for vulnerabilities. Prioritization is next, where you decide which digital fires to put out first. Validation is like checking your work to make sure you didn’t just make everything worse. And finally, mobilization, where you rally the troops and hope for the best.
As for best practices, let’s start with stakeholder engagement. Because nothing gets the blood pumping like a good old meeting with legal, compliance, and IT to discuss cybersecurity. Don’t forget to regularly update your systems, because hackers totally adhere to a schedule and will wait patiently for you to patch things up. An incident response plan is also key, because when things inevitably go south, you’ll need a plan to pretend like you had everything under control all along. Lastly, continuous improvement is crucial. After all, the only constant in cybersecurity is that you’re always one step behind the latest threat.
So there you have it, folks. CTEM in all its glory. A strategy so complex, it makes rocket science look like child’s play. But hey, at least we’re all having fun, right? Right?