Analyzing the Cyber Threat Information to Consolidate the Security Posture of an Application
Abstract
Cyber attacks have changed drastically from what they were, say, a decade ago. Present-day attacks are meticulously planned, thoroughly concerted exercises that make discovery of those attacks more difficult, thereby giving the attackers enough time to wreak havoc on the system. The threat landscape has changed so much that it has become important for organizations to respond to a live attack rather than respond to a breach after the attacker has accomplished his malicious intentions. A very common response to minimize the impact of a security attack is to isolate the affected node or terminate any process running the attackers' code; however, this has the downside that the attackers become aware that they have been detected and go underground, leaving no trace from which it could be determined which security aspect was compromised in such attacks.