A Look at Today's Computer Attack and Defense Landscape

Modern threats use social engineering to bypass technical defenses, target workstations through browsers, compromise web applications, and maintain long-term interests in compromised environments. Arms-race dynamics between defenders updating measures and attackers responding lead to increasingly sophisticated threats.

It takes time and money to adjust IT security measures in response to evolving attack tactics. As defenders gradually update their security measures, attackers respond accordingly. Such arms-race dynamics lead to threats of increasing sophistication and efficiency.

My recent article Understanding Modern Computer Attack and Defense Techniques presents the current snapshot of the state of the threat landscape and offers tips for keeping up with the race.

Defending IT infrastructure involves understanding attack tactics that are particularly effective today. As you assess and improve your information security program, consider the following characteristics of modern computer security threats and the recommendations for dealing with them:

Read the article for my perspective on how attackers use these approaches to bypass security defenses and what you may be able to do about it. (The PDF of the article was originally published by TechTarget.)

About the Author

Lenny Zeltser is a cybersecurity executive with deep technical roots, product management experience, and a business mindset. As CISO at Axonius, he leads the security and IT program, focusing on trust and growth. He is also a Faculty Fellow at SANS Institute and the creator of REMnux, a popular Linux toolkit for malware analysis. Lenny shares his perspectives on security leadership and technology at zeltser.com.

Learn more →