Blog

Influence Energy Repo

By Benjamin Langrill

https://github.com/BoogleCloud/influence-energy/tree/main

 

These will help you determine threat mappings and ultimately what matters to your organization.

 

Two takeaways from this initial release:

 

The primary driver behind determining the energy mapping was determining the key 1-...

20.09.24 02:37 AM - Comment(s)
Read more

WHOIS Energy

By Benjamin Langrill

https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/

 

Two security researchers from Watchtowr labs had a fun night in Vegas (no not that kind) and managed to find some fundamental flows in the way a top-level domain (TLD) is used. The entire story ...

13.09.24 02:08 AM - Comment(s)
Read more

Influence Energy Analysis

By Benjamin Langrill

The cornerstone of Security Energy is determining which defense capabilities need to be implemented by predicting the capabilities that a cyber adversary will use against you (reference Influence Energy post). In a few weeks, I'll release a Github project mapping all MITRE ATT&CK techniques int...

05.09.24 11:16 AM - Comment(s)
Read more

Influence Energy Process

By Benjamin Langrill

This crucial question drives risk management and selection of defenses. The security community embellishes every new discovery as if every organization needs to drop everything and panic. At the same time, security vendors claim their product will secure you against all advanced threats. This dicho...

30.08.24 11:19 AM - Comment(s)
Read more

Incentive-based risk management

By Benjamin Langrill

Seems absurd and yet it happens daily. People spend money that doesn't increase cost for the cybercriminals.

 

Human nature deals with incentives and beliefs. If you believe there is a way to spend $100 and get $1000, you will every time.

 

In reality, a 10x ROI would come with risk of lo...

14.08.24 02:19 AM - Comment(s)
Read more

Categories

Tags

Subscribe to RSS Feed