In an ever-evolving and agile threat landscape, with a plethora of open-source tools at the disposal of adversarial threat actors, the good guys need to be just as responsive and open to adaptation if they are to successfully counter their opponents' advances. Threat actors such as APT 41 (Double Dragon) are just one among several active groups who employ a multitude of TTPs (tactics, techniques, and procedures), ranging from fine-tuning open-source tools to advanced campaigns such as spear-phishing attacks. To defend against such skilled and persistent enemies, single-source, "one-size-fits-all" solutions are no longer effective.
Gone are the days when an IT network infrastructure environment consisted of a perimeter firewall (or its successor, the Next Generation Firewall) and management felt safe under the misguided impression that its data was protected against cyber threats. Homogeneous, single-vendor environments are a major security gap, and the industry has realized as much. Organizations have responded by transitioning to superior forms of cyber security technologies and solutions: Security Information and Event Management (SIEM), Threat Intelligence subscriptions, Identity Access Management (IAM), instrumentation platforms, Data Leak Prevention (DLP), etc.
Solution providers who are in the business of stitching together these disparate forms of technology (example figure below) as a bundled solution addressing a very specific domain are therefore key players and proponents in the cyber security industry.