没有合适的资源?快使用搜索试试~ 我知道了~
Gartner发布ASCA自动化安全控制评估创新洞察:三年后40%的综合安全厂商都将提供ASCA功能.pdf
需积分: 5 0 下载量 125 浏览量
2024-09-27
10:25:55
上传
评论
收藏 158KB PDF 举报
温馨提示
Gartner发布ASCA自动化安全控制评估创新洞察:三年后40%的综合安全厂商都将提供ASCA功能.pdf
资源推荐
资源详情
资源评论
Gartner, Inc. | G00812073
Page 1 of 14
Innovation Insight: Automated Security Control
Assessment
29 August 2024 - ID G00812073 - 11 min read
By Analyst(s): Evgeny Mirolyubov
Initiatives:Infrastructure Security; Meet Daily Cybersecurity Needs; Security Operations
The complex web of security controls, skills gaps and rapidly
changing attack techniques compound the problem of maintaining
an optimal configuration of technical security controls. Security
and risk management leaders can improve their security posture
by automating security control assessments.
Overview
Key Findings
Misconfiguration of technical security controls is a persistent issue associated with
security breaches. Weak security defaults, configuration drift, tuning to reduce false
positives and evolving attack techniques lead to suboptimal deployments of
technical security controls.
■
Automated security control assessment (ASCA) technologies are not just for mature
security teams with multimillion dollar budgets. They are suitable for a wide range of
organizations to help address the risks of technical security control misconfiguration
and mismanagement.
■
Although adopting ASCA technology is beneficial, fully automating remediation can
be problematic. Excessive reliance on automation of security configuration changes
often leads to heightened risks of false positives.
■
This research note is restricted to the personal use of liuyang17@qianxin.com.
Gartner, Inc. | G00812073
Page 2 of 14
Recommendations
Strategic Planning Assumptions
By 2027, 40% of broad portfolio security providers will contain ASCA features, up from
less than 5% today.
By 2028, investments in technologies that reduce threat exposure will grow twice as fast
as investments in technologies that detect and respond to incidents.
Through 2029, more than 60% of security incidents will be traced to misconfigured
technical security controls.
Introduction
Misconfiguration of technical security controls is a persistent issue associated with
security breaches. Despite deploying various security technologies, organizations often
lack the skills and resources to manage these tools effectively. The problem is
compounded by a complex security infrastructure and a lack of cross-functional talents,
with individual team members assigned siloed, tool-specific responsibilities.
Seek ASCA products that support processes for threat exposure and security
configuration management to help automate assessments of technical security
controls and to overcome skills shortages, resource constraints and rapidly changing
attack techniques.
■
Manage costs by running a pilot deployment before investing heavily in ASCA
technologies. Start small and grow your deployment over time to benefit early on.
Investigate offerings from your existing security technology and service providers
before investing in discrete ASCA technologies.
■
Deprioritize a blanket approach to fully automated security configuration changes
until automation matures and accuracy improves. Approve automated reactions to
ASCA recommendations only for the most apparent and unobtrusive issues.
■
This research note is restricted to the personal use of liuyang17@qianxin.com.
Gartner, Inc. | G00812073
Page 3 of 14
Many organizations conduct periodic security configuration
reviews against vendor best practices. However, these often fail to
account for the organization’s specific exposure to the threat
landscape.
Additionally, the following factors make it impossible to maintain an optimal
configuration of technical security controls without automation:
Security teams can optimize their organization’s security posture by establishing
processes and investing in technologies for continuous assessment of technical security
controls. Pairing these processes and technologies with various exposure data —
including attack surface context, vulnerabilities, attack simulations and threat intelligence
relevant to the business — enables the assessments to be automated. Figure 1 provides
an overview of the core capabilities of ASCA technologies.
Security configuration drift
■
An expanding attack surface
■
Newly found vulnerabilities and their methods of exploitation
■
Evolving attack techniques
■
This research note is restricted to the personal use of liuyang17@qianxin.com.
剩余13页未读,继续阅读
资源评论
lurenjia404
- 粉丝: 4390
- 资源: 159
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功