Strategy: Understanding Software Vulnerabilities
What Makes Your Data Such an Appealing Target?
Most attackers operate like any good businesspeople: They have their objectives and their business applications, and they go to work striving for success. Some attacks are highly targeted, while others are broad and automated. Understanding potential attack vectors, or the attack surface, of your organization provides insight into how an attacker may choose to approach your systems. Only by understanding the attack vectors and the methods attackers use can you design and deploy adequate defenses. Indeed, to effectively protect corporate systems, security pros need to think like hackers, examining their own data systems and corporate data policies to identify holes or weak links, then putting systems in place to guard against the most prevalent kinds of attacks, as well as those in the making. And this is not a one-and-done process—defending against attack requires constant vigilance and systems tuning, as well as keeping abreast of the latest tools and processes hackers rely on. In this report, we examine where attacks originate, the reasons behind the attacks and, perhaps most important, how attacks are carried out. (S4160212)