It is predicted that there will be a cyber attack every 11 seconds in 2021. Can we cope with this onslaught, or will the pyramid collapse into a heap of useless stones?
Can we protect ourselves?
EC2 box. I had a cron job set up which auto-emailed me periodically. I had tons of logs, showing an attack every two to fifteen seconds.
It's not uncommon when you have a VM set up in a cloud environment.
@Until_then Very interesting. Do you get similar results with containers as well? Are you using the AWS SIEM to monitor the VM, and I presume you are charged for every bit of data passed across back to you?
Hi @rslade, I agree it is good, but how many of those attacks were surveillance vs. actual attacks? The SIEM, which is untuned, is likely to come up with a lot of fake leads if it is receiving so many indicators?
It's a challenge for sure, considering no OS is safe anymore and most of the staff are working remotely. Helping each other with notifications and updates will surely help. We also need to be on top of threat modelling, continuous monitoring and continuous SIEM tweaking (to ensure the least number of false positives).
Easier said than done for sure!
Thanks and regards
@ArunBalodi I agree, hence we need to supplement and augment our security analysts with Augmented Intelligence, which others call Artificial Intelligence and Machine Learning. I suggest those who are not currently using this within their organisations make it a priority in 2021. Human beings have a limited memory when it comes to remembering specific patterns.