When researching the latest security trends, there is a common thread that is increasingly topical: the rise of automated hacking.

The use of automation in hacking has increased significantly and the response needs to be considered accordingly.

While the use of automation is not necessarily new, companies have inadvertently increased their attack surface over time and, to this extent, the complexity and advancements of the attacks require a different defensive approach.

Visit www.port443.co.za for more information

To support the growth aspirations of the business, the ICT landscape needs to evolve continuously. These include strategies relating to digital transformation, the increasing prevalence of connectivity to third parties, cloud-native applications, and the support of remote working. The corresponding ICT “sprawl” and complexity contribute to the challenges associated with mitigating attacks across the ever-evolving estate.

As the prevalence of API-supported technologies increases, two things should be considered.

By virtue of the fact that more and more applications have APIs, there is a corresponding increase in the attack surface exposed for exploitation.
With the increase of available APIs across mainstream security controls, there exists the ability to use these APIs in conjunction with automation platforms to improve the efficacy of the cybersecurity posture, and the defensive response.

The prevalence of the API economy can be taken advantage of when it comes to risk mitigation, management, oversight and control.

The National Institute of Standards and Technology (NIST) recommends the phases for the framework of incident response as follows.

Preparation
Detection and analysis
Containment, eradication and recovery
Post-incident activity

Using a security orchestration, automation and remediation (Soar) platform, the speed and accuracy with which these phases can be executed increase materially. A Soar platform integrates with cybersecurity controls via APIs. In so doing, the efficacy of the response to incidents can be significantly enhanced.

The preparation phase can be supplemented with automation relating to the continuous hardening of the configuration of controls according to best practice, thereby lowering the probability of an incident occurring in the first place.

The detection and analysis phase can be supplemented with automation via embedded threat intelligence feeds, contextualising the threats and reducing false positives. This, in turn, allows for a focus on true positives and false negatives, reducing analyst load and alert fatigue.

In terms of the containment and eradication phase, a Soar platform with appropriately configured playbooks will enable immediate containment, allowing for additional time to eradicate and recover.

This needn’t be a costly exercise.

While Soar platforms in and of themselves can be costly, and the skills required to develop thereon are scarce, Port443 offers these capabilities “as a service”, easily consumed across your ICT estate as a fully managed capability.

Visit www.port443.co.za for more information, e-mail [email protected] or connect with us on LinkedIn.

This promoted content was paid for by the party concerned

Ramokgopa bullish on energy outlook as new projects get green light

Wiocc lands R1.1-billion in debt funding for data centre, fibre expansion

Rand hits its strongest level in three years

Presidency backs Solly Malatsi in BEE reform fight

ICT BEE fight deepens as MK, EFF target Malatsi

Oracle’s AI ambitions face scrutiny on earnings miss

China will get Nvidia H200 chips – but not without paying Washington first

IBM reportedly close to $11-billion deal to buy Confluent

Amazon and Google launch multi-cloud service for faster connectivity

Google makes final court plea to stop US breakup

Black Friday goes digital in South Africa as online spending surges to record high

Canal+ plays hardball – and DStv viewers feel the pain

So, will China really win the AI race?

Valve’s Linux console takes aim at Microsoft’s gaming empire

iOCO’s extraordinary comeback plan

TCS+ | Cloud without culture won’t deliver AI: Accelera’s Cliff de Wit

TCS+ | How Cloud On Demand helps partners thrive in the AWS ecosystem

TCS | Ralph Mupita on competition, AI and the future of mobile

TCS | Dominic Cull on fixing South Africa’s ICT policy bottlenecks

TCS | BMW CEO Peter van Binsbergen on the future of South Africa’s automotive industry

Netflix, Warner Bros deal raises fresh headaches for MultiChoice

BIN scans, DDoS and the next cybercrime wave hitting South Africa’s banks

Your data, your hardware: the DIY AI revolution is coming

The energy revolution South Africa can’t afford to miss

It’s time for a new approach to government IT spend in South Africa

The rise of automated hacking, and the API response

Visit www.port443.co.za for more information

How automation can help fix the cybersecurity skills void

Port443: providing automated visibility, insight and validation

Cybersecurity: It’s how you react that matters

AI, cloud and the great IT rationalisation

New Vox partner programme helps ISPs expand without the heavy lifting

How alternative credit models can unlock South Africa’s hidden economy

Netflix, Warner Bros deal raises fresh headaches for MultiChoice

BIN scans, DDoS and the next cybercrime wave hitting South Africa’s banks

Your data, your hardware: the DIY AI revolution is coming

Ramokgopa bullish on energy outlook as new projects get green light

Wiocc lands R1.1-billion in debt funding for data centre, fibre expansion

Rand hits its strongest level in three years

Presidency backs Solly Malatsi in BEE reform fight

Subscribe to the newsletter

The rise of automated hacking, and the API response

Visit www.port443.co.za for more information

Related Posts