Ten sayings from John Lambert, General Manager of the Microsoft Threat Intelligence Center: too incisive...

Ten sayings from John Lambert, General Manager of the Microsoft Threat Intelligence Center
 
1. What is the most important network security spend: Sensor appliances? SIEM? Threat intelligence feeds? It's your analyst team.
What is the most important network security spend? Sensor appliances? Security information and event management? Threat intelligence feeds? None of these; the most important is your analyst team.
 
2. Defenders, you're not stopping attacks. You're increasing attacker requirements. 'Stopping' breeds a mindset ignorant of countermoves.
Defenders should not always be thinking about stopping attacks, but about how to raise the attacker's cost. Always thinking in terms of "stopping" is a sign of ignorance.
 
3. Your network is a directed graph of credentials. Hacking is graph traversal. See the graph or all you'll see is exfil.
Your network is a directed graph, and an intrusion is a traversal of that graph. If you lack the view of the whole graph, you will see nothing at all.
 
4. Things go wrong right here. Admins focus on control to possess secrets. Hackers focus on secrets to possess control. Hackers are right.
The problem lies right here: administrators focus on controlling secrets, while hackers focus on secrets as a means of control. The hackers are right.
 
5. On vulns: You can argue over exposure, difficulty, and likelihood. Security researchers write exploits because they like the truth.
On vulnerabilities: you can of course argue over excessive disclosure, difficulty and likelihood, but researchers write exploit code because they like the truth.
 
6. Pentest is the most misused security practice. Pentest is diagnostic. Go from treating the bugs as output, to treating them as input.
Penetration testing is the most misused practice in the security business. A pentest is a diagnostic measure. The vulnerabilities a pentest finds should be treated as input to further security planning, not as the final result of the whole security program.
 
7. Software engrs hide reality by using architecture over implementation. Hackers reveal reality by using implementation against architecture.
Software engineers try to hide reality by offsetting bad implementation with good design; hackers use bad implementation against good design to reveal reality.
 
8. Do security jobs need a degree? Remember self-taught hackers made most of our progress. When academia sits out, autodidacts show the way.
Does security work require a degree? Remember: most of our progress has come from self-taught hackers. When academia's tickets are sold out, the autodidacts show another road.
 
9. If you shame attack research, you misjudge its contribution. Offense and defense aren't peers. Defense is offense's child.
If you think attack research is shameful, you have not understood its value. Offense and defense are of course not equal in standing: without knowing offense, how can one know defense?
 
10. Biggest problem with network defense is that defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.
The biggest problem in network defense is that defenders' thinking tends to be single-threaded, while attackers' thinking is one dimension higher. As long as this remains true, attackers will always win.
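Sayings 3 and 10 above, worked through as an added example (not from the original post and not John Lambert's code): a constructed credential graph in Python with hypothetical host names, where an edge means a credential exposed on one host grants logon to another. The per-host list view, the graph traversal and the choke-point search show what "see the graph" buys a defender.

```python
from collections import deque

# Constructed sample with hypothetical host names: edge (src, dst) means a
# credential exposed on src (cached logon, admin session, reused local admin
# password) grants logon to dst. A domain admin has a live session on SQL-01.
EDGES = [("WS-01", "WS-02"), ("WS-01", "FILESRV"), ("FILESRV", "WS-03"),
         ("WS-02", "SQL-01"), ("WS-03", "SQL-01"), ("SQL-01", "DC-01")]

def build_graph(edges):
    """Adjacency lists for the directed credential graph."""
    graph = {}
    for src, dst in edges:
        graph.setdefault(src, []).append(dst)
        graph.setdefault(dst, [])
    return graph

def list_view(edges, host):
    """What a per-host inventory 'list' shows: only the direct neighbours."""
    return sorted(dst for src, dst in edges if src == host)

def shortest_path(graph, start, target):
    """Breadth-first traversal; returns the hop list, or None if unreachable."""
    parent = {start: None}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        if node == target:
            path = []
            while node is not None:
                path.append(node)
                node = parent[node]
            return path[::-1]
        for nxt in graph.get(node, []):
            if nxt not in parent:
                parent[nxt] = node
                queue.append(nxt)
    return None

def choke_points(graph, start, target):
    """Edges whose removal alone disconnects target from start: cut these first."""
    cuts = []
    for src, dsts in graph.items():
        for dst in dsts:
            pruned = {k: [d for d in v if (k, d) != (src, dst)] for k, v in graph.items()}
            if shortest_path(pruned, start, target) is None:
                cuts.append((src, dst))
    return cuts

if __name__ == "__main__":
    g = build_graph(EDGES)
    print("list view of WS-01:", list_view(EDGES, "WS-01"))  # DC-01 nowhere in sight
    print("graph path:", shortest_path(g, "WS-01", "DC-01"), "cut first:", choke_points(g, "WS-01", "DC-01"))
```

The list view of WS-01 never mentions DC-01; the traversal reaches it in three hops, and the only single edge whose removal breaks every path is the domain admin session on SQL-01.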