[Video] “Intro to Defensive Security” Writeup – TryHackMe

Intro to Defensive Security

Offensive security focuses on one thing: breaking into systems. Breaking into systems might be achieved through exploiting bugs, abusing insecure setups, and taking advantage of unenforced access control policies, among other things. Red teams and penetration testers specialize in offensive security.

Defensive security is somewhat the opposite of offensive security, as it is concerned with two main tasks:

  1. Preventing intrusions from occurring
  2. Detecting intrusions when they occur and responding properly

Blue teams are part of the defensive security landscape.

 

Some of the tasks that are related to defensive security include:

  • User cyber security awareness: Training users about cyber security helps protect against various attacks that target their systems.
  • Documenting and managing assets: We need to know the types of systems and devices that we have to manage and protect properly.
  • Updating and patching systems: Ensuring that computers, servers, and network devices are correctly updated and patched against any known vulnerability (weakness).
  • Setting up preventative security devices: Firewalls and intrusion prevention systems (IPS) are critical components of preventative security. Firewalls control what network traffic can enter and what can leave the system or network. An IPS blocks any network traffic that matches its configured rules and attack signatures.
  • Setting up logging and monitoring devices: Without proper logging and monitoring of the network, it won’t be possible to detect malicious activities and intrusions. If a new unauthorized device appears on our network, we should be able to know.

There is much more to defensive security, and the list above only covers a few common topics.
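The asset-management and monitoring items above meet in one practical check: comparing devices seen on the network against the asset inventory. The following is an added example, not part of the original writeup; the inventory, the log lines (constructed, modelled on dnsmasq DHCPACK entries) and all function names are assumptions.

```python
import re

# Constructed asset inventory: MAC address -> asset name (assumption).
INVENTORY = {
    "00:1A:2B:3C:4D:5E": "finance-laptop-01",
    "00-1a-2b-3c-4d-5f": "printer-2nd-floor",
}

# Constructed sample log lines, modelled on dnsmasq DHCPACK entries.
SAMPLE_LOG = """\
Jan 12 09:14:02 gw dnsmasq-dhcp[812]: DHCPACK(eth0) 192.168.1.23 00:1a:2b:3c:4d:5e finance-laptop-01
Jan 12 09:15:40 gw dnsmasq-dhcp[812]: DHCPACK(eth0) 192.168.1.57 00:1a:2b:3c:4d:5f
Jan 12 09:31:11 gw dnsmasq-dhcp[812]: DHCPACK(eth0) 192.168.1.88 de:ad:be:ef:00:01 raspberrypi
Jan 12 09:31:12 gw dnsmasq-dhcp[812]: DHCPDISCOVER(eth0) 3c:22:fb:10:20:30
Jan 12 10:02:45 gw dnsmasq-dhcp[812]: DHCPACK(eth0) 192.168.1.88 DE:AD:BE:EF:00:01 raspberrypi
Jan 12 10:05:09 gw dnsmasq-dhcp[812]: DHCPACK(eth0) 192.168.1.90 3c:22:fb:10:20:30
"""

ACK = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) .*DHCPACK\(\w+\) (?P<ip>[\d.]+) "
    r"(?P<mac>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})(?: (?P<host>\S+))?"
)

def normalize_mac(mac):
    """Lower-case and use ':' separators so inventory and log entries compare equal."""
    return mac.lower().replace("-", ":")

def is_locally_administered(mac):
    """Bit 0x02 of the first octet marks a locally administered (often randomized) MAC."""
    return bool(int(mac[:2], 16) & 0x02)

def find_unknown_devices(log_text, inventory):
    known = {normalize_mac(m) for m in inventory}
    unknown = {}
    for line in log_text.splitlines():
        m = ACK.match(line)
        if not m:
            continue  # only a completed lease shows the device actually joined
        mac = normalize_mac(m["mac"])
        if mac in known:
            continue
        rec = unknown.setdefault(mac, {"first_seen": m["ts"], "ip": m["ip"],
            "host": m["host"], "randomized": is_locally_administered(mac), "leases": 0})
        rec["leases"] += 1
    return unknown

if __name__ == "__main__":
    for mac, rec in find_unknown_devices(SAMPLE_LOG, INVENTORY).items():
        print(mac, rec)
```

A device flagged as `randomized` cannot be matched to a vendor or tracked by MAC alone, so it needs a different identifier (for example an authenticated user or certificate) before it can be added to the inventory.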

In this room, we cover:

  • Security Operations Center (SOC)
  • Threat Intelligence
  • Digital Forensics and Incident Response (DFIR)
  • Malware Analysis

Answer the questions below

Which team focuses on defensive security?

 
