Implementing the Top 4 Defense Strategies

Written by

The Australian Defense Signals Directorate maintains a list of the Top 35 Mitigation Strategies against targeted intrusions. This is just a reference to the top strategies:

  1. Patch Applications
  2. Patch the Operating System
  3. Minimize the use of local admin
  4. Application whitelisting

Looking at these 35 strategies, the DSD claims that:

While no single strategy can prevent this type of malicious activity, the effectiveness of implementing the top four strategies remains unchanged. Implemented as a package, these strategies would have prevented at least 70% of the intrusions that DSD analysed and responded to in 2009, and at least 85% of the intrusions responded to in 2010.

This is pretty much in line with the anecdotal reference I could make where we see successful attacks either coming in through unpatched systems (point 1 and 2), flaws in applications developed in-house (kind of point 2) and social engineering (point 3 and 4). However, these things are not that new, aren’t they? We are talking about patch management since a long time – and patch management not only for the Microsoft environment but the all the applications, being it Microsoft, Adobe, in-house Apps as well as Open Source operating systems.

The DSD even went a step further and developed a really good paper called Implementing DSD’s Top Four for Windows Environments. Something definitely worth reading!


What’s hot on Infosecurity Magazine?