Cyber Security Landscape






 

*** Attack Methods - Rootkit Attack ***

A rootkit is a piece of software that can be installed and hidden on your computer without your knowledge

It may be included in a larger software package or installed by an attacker who has been able to take advantage of a vulnerability on your computer or has convinced you to download it (see Avoiding Social Engineering and Phishing Attacks for more information)

Rootkits are not necessarily malicious, but they may hide malicious activities. Attackers may be able to access information, monitor your actions, modify programs, or perform other functions on your computer without being detected

 

Mapped Buisness Risks
Brand Damage Data/Secret Loss Service Disruption  

 

Mapped Cyber Risks
Extortion Human Error Basic Security Hygiene  

 

Mapped Mitigation Methods
Limit & Control Access Protect Data Manage Risks, Compliance and Controls Block Threats & Attacks Manage Threats & Vulnerabilities Enable Visibility  

 

Mapped Solution Categories
Third Party Risk Application Security Cloud Security Data Security DNS Security Email Security
End-Point Security Event Detection & Response Risk & Compliance Identity Mgt Insider Threat/Behavior Mgt iOT/OT Security
Logs Mgt Mobile Security Network Security Privileged Access Threat Analytics Vulnerability / Attack Surface Detection
Web Security  

 

Mapped Functions
Application Security Testing Automated Security Controls Testing Cloud Access Broker (inline) Cloud Access Broker (API/OOB) Cloud Container Security Cloud Discovery
Cloud DLP (Inline) Cloud DLP (API/OOB) Cloud Infra-as-a-Service Security Database Activity Monitoring (DAM) Data Classification & Privacy Data Encryption
Data Tokenization/Masking DDoS Protection Deception User Device Mgt - Software/Patch (End-Point) User Device Mgt - Software/Patch (Mobile) Device Mgt -Software/Patch (Server)
Disk Encryption (End Point) Enterprise DLP DMARC Security DNS Proxy (Off-Prem) DNS Proxy (On-Prem) Email Isolation
Email Behavior Analytics Email Security Cleanup/Automation Email Phishing Simulations Email Threat/SPAM Email User Warnings Application Control (End Point)
User Device Registration (End-Point) User Device Registration (Mobile) Detect & Respond (EDR) (End-Point) File Integrity (FIMM) (End-Point) Media Control (End Point) Next Gen AV (End-Point)
End-Point Protection (End-Point) Incident Response Services SIEM External/Digital Risk Review GRC Access Mgt / SSO
Active Directory Behavior Analysis Admin Server Access API Mgt Authentication/Directory Customer Identity (CIAM) Cloud Identity Monitoring
IDaaS User Identity Self Service Identity Life Cycle Mgt End-Point Local Admin Multi-Factor Auth (MFA) Session Management
IOT Device Visibility Logging Agent Log Collector Managed Hunting Services Managed Security Services (MSS) Mobile Application Reputation
Mobile Threat Network Access Control (NAC) Network Security Policy Auditor Network Security Policy Orchestration SSL Decryption Network Tap
Cloud Network Threat Analytics Network Based Threat Detection Network Threat IPS E/W Network Threat IPS N/S Network Threat Sandbox E/W Network Threat Sandbox N/S
ICS/OT Device Visibility Password Vault Security Automation (SOAR) Security Awareness Training Security Ratings (Vendor & Supplier) Micro-Segmentation
Network Firewall Segmentation (East/West) Network Firewall Segmentation (North/South) Threat Intelligence URL Filtering (Off-Net) URL Filtering (On-Net) URL Filtering/Proxy (On-Net)
URL Filtering/Proxy (On-Net) User & Device Behavior Analysis User Software Self Service (End-Point) User Software Self Service (Mobile) User-Application Access /Zero-Trust VPN End-User VPN
Site-to-Site VPN Vulnerability Scanning Web Application Firewall (WAF) Web Isolation  

 

Mapped Products
Cyberark Alero Okta Advanced Server Access  

 

Mapped OEMs
Cyberark Okta  

 

 

Last Updated: 03202020-11:28:25