Disclaimer: the article represents the views of the author and not those of his employer, management or fellow minions.
Information security is evolving, but on one front it still lags behind: the area of offensive defenses.
My point is that the best defense is a good offense.
Through the use of honeypots and red herring links in applications, we can force web-based scanners and the hackers at their controls to waste massive amounts of time and become disinterested enough to move to an easier target.
Writing links and adding extra pages in applications which the end user never sees can be a great tool. These pages can be outside of user navigation paths, and can simulate login pages with links to honeypot databases and file systems with heightened logging. Using this technique, the security team will have more information and time to backtrack attackers and analyse the evolving landscape of web-based attacks.
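As an added example (not code from the original post), the sketch below shows the logging side of this idea: because no legitimate navigation path leads to a decoy page, any client that requests one can be flagged and its full request history pulled for backtracking. The decoy paths, the combined log format and the sample log lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed decoy URLs: served by the app but never linked in user navigation.
DECOY_PATHS = {"/backup/admin-login", "/old/dbconsole"}

# Combined log format; referer and user-agent are optional.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
    r'(?: "[^"]*" "(?P<ua>[^"]*)")?'
)

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /robots.txt HTTP/1.1" 200 64 "-" "scanner/1.0"
198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /backup/admin-login HTTP/1.1" 200 900 "-" "scanner/1.0"
198.51.100.7 - - [01/Jan/2024:10:00:04 +0000] "POST /backup/admin-login?next=/ HTTP/1.1" 200 900 "-" "scanner/1.0"
192.0.2.10 - - [01/Jan/2024:10:00:05 +0000] "GET /account HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.5 - - [01/Jan/2024:10:00:06 +0000] "GET /old/dbconsole HTTP/1.1" 200 700 "-" "curl/8.0"
""".splitlines()


def decoy_report(lines, decoys=DECOY_PATHS):
    """Map each client that touched a decoy to its decoy hits and full history."""
    history = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # skip malformed lines rather than guess at their fields
        path = m["path"].split("?", 1)[0]  # ignore the query string when matching
        history[m["ip"]].append((m["ts"], m["method"], path, m["ua"] or ""))
    report = {}
    for ip, reqs in history.items():
        hits = [r for r in reqs if r[2] in decoys]
        if hits:  # a legitimate user never reaches these pages
            report[ip] = {"decoy_hits": hits, "history": reqs}
    return report


if __name__ == "__main__":
    for ip, info in decoy_report(SAMPLE_LOG).items():
        print(ip, len(info["decoy_hits"]), "decoy hits,",
              len(info["history"]), "requests total")
```

The per-client history is what gives the security team the extra context: it shows what the client requested before and after it reached the decoy.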
An escalation could be these fake systems launching exploits against whoever is accessing them. Attack is a viable defense in my opinion.
It's time to go on the offensive against hackers.
S. Russell Dyer BS CNE CISSP CRISC Security+ CICP
Security Analyst, but I'm by no means an expert ;-)