[Lilug-si-sig] FW: Lockheed Martin Cyber Kill Chain
Lee Wilbur
leew at multiverseit.com
Fri May 3 08:44:55 PDT 2019
Hey folks,
If you’re not the patchmanagement (for WSUS) mailing list, this came in a week ago and ended up generating a LOT of discussion around domain admin access and related. The Lockheed Martin link has whitepapers at the end. I’ve not read it thoroughly, but definitely looks worth while if you’re concerned about security.
-Lee
From: patchmanagement at googlegroups.com <patchmanagement at googlegroups.com> On Behalf Of Job Cacka
Sent: Friday, April 26, 2019 6:42 PM
To: patchmanagement <patchmanagement at googlegroups.com>
Subject: [patchmanagement] OT: Lockheed Martin Cyber Kill Chain
Off topic but security updates to mitigate vulnerabilities is a high priority for us. One thing I reinforce to my coworkers is that each of us are responsible for our own due diligence. People are good at knowing something doesn’t seem right. In some places this translates into see something, say something and that is a good beginning.
Here is an illustration by Lockheed Martin that takes the military concept of a kill chain (the steps or links in an attack) and applies them to computer security. Keeping updated is a component in breaking this kill chain before it results in a successful attack.
This is actually a few years old.
https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html#<https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html>
Here is a more recent SANS article on using the illustration practically and elaborating on the human element.
https://www.sans.org/security-awareness-training/blog/applying-security-awareness-cyber-kill-chain
Thanks,
Job
--
You received this message because you are subscribed to the Google Groups "PatchManagement" group.
To unsubscribe from this group and stop receiving emails from it, send an email to patchmanagement+unsubscribe at googlegroups.com<mailto:patchmanagement+unsubscribe at googlegroups.com>.
To post to this group, send email to patchmanagement at googlegroups.com<mailto:patchmanagement at googlegroups.com>.
Visit this group at https://groups.google.com/group/patchmanagement.
To view this discussion on the web visit https://groups.google.com/d/msgid/patchmanagement/143401d4fc81%243f9f4410%24beddcc30%24%40ccbox.com<https://groups.google.com/d/msgid/patchmanagement/143401d4fc81%243f9f4410%24beddcc30%24%40ccbox.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lilug.org/pipermail/lilug-si-sig-lilug.org/attachments/20190503/463f73a5/attachment.html>
More information about the Lilug-si-sig
mailing list