1/ IT politics is part of the "physics" of the security problem, much like friction, noise and air resistance in the physical world.
An often overlooked aspect of security solutions is that they empower CISOs to mitigate issues without asking others for help.
2/ Per the "Kerberoasting" example mentioned by @jaredhaight, the naive solution would be to just ask service account owners to upgrade password strength.
However, the CISO may have a security solution that monitors Kerberos ticket requests to the DC and blocks mass harvesting of service tickets.
3/ While it might not be the perfect solution, the CISO can apply it right away without asking anyone, and buy precious time to fix the root cause of the problem.
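The DC-side monitoring tweet 2 describes, as an added example that is not the author's or any product's code: it parses constructed Security event 4769 records (one per line; the flattened layout is an assumption, the field names are the event's own) and flags an account that pulls RC4 service tickets for many distinct SPNs within a short window, the trace a harvesting run leaves, while leaving a single legacy RC4 service request alone.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of Security event 4769 ("A Kerberos service ticket was requested")
# records, flattened one per line (the layout is an assumption for this example; the field
# names are the event's). TicketEncryptionType 0x17 is RC4-HMAC, 0x12 is AES256.
SAMPLE_LOG = """\
2023-05-01T09:00:01 4769 TargetUserName=alice ServiceName=HTTP/intranet TicketEncryptionType=0x12 IpAddress=10.0.0.5
2023-05-01T09:01:00 4769 TargetUserName=bob ServiceName=MSSQLSvc/db01.corp.local:1433 TicketEncryptionType=0x17 IpAddress=10.0.0.77
2023-05-01T09:01:01 4769 TargetUserName=bob ServiceName=MSSQLSvc/db02.corp.local:1433 TicketEncryptionType=0x17 IpAddress=10.0.0.77
2023-05-01T09:01:02 4769 TargetUserName=bob ServiceName=HTTP/reports.corp.local TicketEncryptionType=0x17 IpAddress=10.0.0.77
2023-05-01T09:01:03 4769 TargetUserName=bob ServiceName=CIFS/backup01 TicketEncryptionType=0x17 IpAddress=10.0.0.77
2023-05-01T09:01:04 4769 TargetUserName=bob ServiceName=LDAP/dc01.corp.local TicketEncryptionType=0x17 IpAddress=10.0.0.77
2023-05-01T09:30:00 4769 TargetUserName=carol ServiceName=MSSQLSvc/legacy:1433 TicketEncryptionType=0x17 IpAddress=10.0.0.9
2023-05-01T09:31:00 4769 TargetUserName=carol ServiceName=MSSQLSvc/legacy:1433 TicketEncryptionType=0x17 IpAddress=10.0.0.9
"""
LINE_RE = re.compile(
    r"^(?P<ts>\S+) 4769 TargetUserName=(?P<user>\S+) ServiceName=(?P<spn>\S+) "
    r"TicketEncryptionType=(?P<etype>0x[0-9a-fA-F]+) IpAddress=(?P<ip>\S+)$"
)
RC4_HMAC = 0x17

def parse_events(text):
    events = []  # lines that are not 4769 records in the assumed layout are skipped
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append({"ts": datetime.fromisoformat(m["ts"]), "user": m["user"],
                           "spn": m["spn"], "etype": int(m["etype"], 16), "ip": m["ip"]})
    return events

def find_harvesters(events, min_services=5, window=timedelta(minutes=5)):
    """Return {account: sorted SPNs} for accounts that requested RC4 service tickets for at
    least `min_services` distinct SPNs inside one sliding window; carol's repeated legacy hit is not."""
    by_user = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["etype"] == RC4_HMAC:  # only the crackable ticket type matters here
            by_user[e["user"]].append(e)
    flagged = {}
    for user, evs in by_user.items():
        start, best = 0, set()
        for end in range(len(evs)):
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1  # slide the window start forward
            spns = {e["spn"] for e in evs[start:end + 1]}
            best = max(best, spns, key=len)  # keep the widest fan-out seen
        if len(best) >= min_services:
            flagged[user] = sorted(best)
    return flagged
```

What the monitor does with a flagged account (throttle, alert, block at the DC) is the product's policy decision; the fan-out count is the signal it acts on.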
4/ Politics is always part of the game. That's why I love reading posts by current / past IT and security admins, such as @jaredhaight, @GossiTheDog and @SwiftOnSecurity.
5/ Some other examples: an IDS, IPS or WAF lets the CISO mitigate a vulnerability immediately while waiting for "the business owners" to patch.
2/ The gist of it: Facebook breached its TOS, which allows blocking only in cases where the blocked user actually violated the TOS and requires informing the blocked user.
3/ Some of the plaintiffs were blocked from both #Facebook and #Instagram, while others were only blocked from FB.