Customizing defense models to reduce the window of exposure

Most organizations already have a defense model in place that is meant to protect them from attacks, but the problem is that many use an outdated one.

But the threat landscape has changed and is constantly changing. Currently, that involves many client side attacks, and the possibility of being targeted by persistent attackers, either those affiliated with criminal organizations or state-sponsored ones.

The time has come to improve security models, and to adapt them to current and specific threats each organization is facing – i.e. do a little prioritizing.

In this podcast recorded at Virus Bulletin 2013, Andreas Lindh of I Secure talks about the technologies in use that are no longer enough, the effectiveness of patch management and the need for hardening, and the things every organization has to take into consideration when creating its customized defense model.

Listen to the podcast here.

Andreas Lindh is a security analyst and architect from Gothenburg, Sweden. He works for I Secure Sweden AB, a company specializing in SIEM, SOC and other areas of security operations.

Andreas is a holder of the CISSP certification, a member of OWASP Sweden, and a web application security enthusiast.