The Johari Window: How Known Unknowns Led to the Largest Cybersecurity Breach of National Security in U.S. History

“Therefore just as water retains no constant shape, so in warfare there are no constant conditions.” -Sun Tzu

This article adds a different perspective on the SolarWinds breach to the growing number of articles about the recent attacks. It also proposes a different approach to adversary detection: detecting the constants in a breach using the concept of active defense as described by the new MITRE Shield framework. The idea is that blue teams should detect lateral movement and living-off-the-land activity after the adversary has established a beachhead, instead of relying solely on detecting the initial attack using known knowns.

3 Facts About MITRE Shield and Targeted Ransomware

You’ve probably heard me write or speak about ransomware a lot more recently, and for good reason. Targeted, APT-like ransomware attacks against large healthcare organizations and other enterprises have been all over the news.

Recently, I had the opportunity to present a webinar along with MITRE that focused on MITRE Shield, the concept of active defense, and how we can use some of these proactive techniques against ransomware attackers. Below, I’ll look at three key facts for security teams to understand when planning an active defense strategy against ransomware threats.

Better Together: Deterministic Lateral Threat Management and EDR

I am often asked how a lateral threat management solution, leveraging deterministic deception methods from endpoint to network and cloud, can be effective at stopping attacks in environments that already have an extensive threat detection stack deployed.

MITRE Shield Tactics Confirm that Deception Is Essential

We recently wrote about MITRE Shield just after its initial release. In this article I’ll go into more detail about the specific capabilities the Illusive platform provides, and how they map to the MITRE Shield framework.