Thursday, May 31, 2018

Word of the Day: active defense

Word of the Day WhatIs.com
Daily updates on the latest technology terms | May 31, 2018
active defense

An active defense is the use of offensive actions to outmaneuver an adversary and make an attack more difficult to carry out. Slowing down or derailing the attacker so they cannot advance or complete their attack increases the probability that they will make a mistake and expose their presence or reveal their attack vector.

While the term active defense is often associated with military applications and protecting critical infrastructure and key resources (CIKR), it also applies to information technology (IT) security. In cybersecurity, an active defense raises the financial cost of an attack in terms of wasting the attacker's processing power and time. Applying offense-driven strategies is critical to being able to detect and stop not only external threat actors, but also insiders and attackers with varying motivations including ransomware, extortion and cryptojacking.

An active defense complements offense-driven actions and allows an organization to proactively detect and derail attacks early and gather the threat intelligence required to understand the attack and prevent a similar recurrence. Sometimes active defense includes striking back at an attacker, but this is normally reserved for military and law enforcement that have the resources and authority to confirm attribution and take appropriate action.

Deception technology can be used to detect an attacker early in the attack cycle by obfuscating the attack surface with realistic device decoys and attractive digital bait. Misdirection can trick the attacker into engaging and lead them to believe they are escalating their attack when, in fact, they are wasting their time and processing power and providing the defender with counterintelligence. The forensic information gathered through an active defense can then be applied to defense strategies to stop a live attack, identify forensic artifacts and expedite incident response to prevent the attack from resurfacing.

Quote of the Day

"The concept of active defense is based on increasing the probability of an attacker making a mistake and revealing their presence within the network." - Carolyn Crandall

Trending Terms

critical infrastructure and key resources
cryptojacking
deception technology
counterintelligence
incident response
malware
Learning Center

Georgia governor vetoes controversial cybersecurity bill
A cybersecurity bill that would have criminalized unauthorized access to computer systems was vetoed in Georgia this week after strong opposition from Google, Microsoft and other leaders in the tech community.

How does an active defense system benefit enterprise security?
How do active defense systems on private networks work? Here's a closer look at enterprise options for these deception techniques.

Defense-in-depth strategy: Growing cyberthreat intelligence
Active defense-in-depth strategy is needed in cybersecurity. Find out what needs to be changed to improve cyberthreat intelligence and network security.

Active defense: The perils of cybervigilantism
Active defense strategies can be risky -- and costly -- for businesses, but do the benefits outweigh the downsides? Our #CIOChat participants highlight the hazards of hacking back.

David Neuman: The CISO position and keeping the cloud safe
Before taking a CISO position in the private sector, David Neuman rose up through the enlisted ranks, becoming an officer with global responsibilities.

Writing for Business

A botnet is a group of computers organized to distribute spam or malware -- _________ the owners are typically unaware of the fact.

A. though

B. although

C. even though
Copyright 2018 TechTarget. All rights reserved.
