In our first cyber security checklist, we provided a security overview and best practices to help organizations prevent an initial compromise from occurring. In this guide, we will help you understand practical steps you can take to mitigate techniques attackers use once they have penetrated your defenses. Once attackers have access to a machine, they can evade detection by using fileless techniques and legitimate system administration tools to do their dirty work. With this checklist, you will have a guide to help mitigate the impact of an attacker. Lastly, we will help you understand how partnering with a company like Alert Logic can provide better defenses to stop attackers in their tracks.
This checklist explains:
- How to manage and limit PowerShell access
- How to secure and use Windows Management Instrumentation (WMI)
- Ways to apply application controls
- How to follow the principle of least privilege and apply access controls
- What to monitor to help uncover malicious activity
Lastly, we will cover how partnering with a company like Alert Logic can assist you with implementing a security solution that will advance your capabilities far faster than you can achieve on your own. By partnering with a managed security provider, organizations gain access to a modern, always-advancing set of technology to help secure their business, the intelligence to provide context to security decisions, and expertise and remediation guidance to help secure their business.