Prometheus Blogs

Threat Intelligence Can Be Foolish


Threat intelligence is all the rage. Certainly it’s good to know what your adversaries are up to. But just how much effort and attention should that get compared to systematically applying effective security controls?

Focusing too intently on threat intelligence is kind of like spying on possible and suspected burglars to understand their method of operation, while leaving your doors ajar and your windows open – and hoping to capture thieves before they escape with your diamonds. Do you really need to know that Miscreant X is fond of SQL injection to make certain your application is not vulnerable to that kind of attack? Wouldn’t it be better to close that window anyway, in case previously known Miscreant Y performs that kind of attack? It seems sensible to put in place controls to mitigate known attacks (and to make certain those controls are effective) even if those attacks aren’t being used by any of your known adversaries. Those controls are what the NIST RMF is all about.

Of course, too much proactive planning is a bad thing too.
