erek
[H]F Junkie
- Joined
- Dec 19, 2005
- Messages
- 11,732
"The assessed agency also placed too great a reliance on known indicators of compromise (IoCs) for detecting intrusions, plus various system misconfigurations and procedural issues hindered the analysis of network activity.
CISA said the exercise demonstrated the need for FCEB agencies to apply defense-in-depth principles – multiple layers of detection and analysis measures for maximum effectiveness. Network segmentation was recommended and the red team wanted to stress the danger of over-relying on known IoCs.
It also wouldn't be a CISA communiqué without a plug for its secure-by-design push. It said that insecure software contributes to the issues faced by the target agency and re-upped its call to stamp out default passwords, provide free logging to customers, and for vendors to work with SIEM and SOAR providers to make better use of those logs."
Source: https://www.theregister.com/2024/07/12/cisa_broke_into_fed_agency/