Page 218 - Cyber Defense eMagazine September 2025

Regaining the upper hand

The writing is on the wall: an over-reliance on CVEs and agent-based approaches won’t keep you safe. So what else can you do to regain the upper hand?

Combining active scanning, passive discovery and API integrations is an effective method for gaining comprehensive visibility into both the internal and external attack surfaces, including unknown and unmanaged assets like OT and IoT endpoints.

Once assets are identified, the next step is to profile each one in depth. This is where fingerprinting technology can play an integral part in extracting context-rich data. The more expansive the research is into what service a device uses, who the asset owner is, whether it’s unpatched or misconfigured and what it’s connected to, the more accurate the insight. This allows network defenders to understand exposures that might otherwise remain an enigma.

Above all, solutions must be simple and data driven. That means consolidating capabilities into a single platform that has the capacity to deliver risk-based, prioritized alerts. Security teams are already overwhelmed by false positives, alert fatigue, and situational blindness. What they need is to cut through the noise and see which exposures and vulnerabilities truly pose a threat.





            About the Author

Tod Beardsley is the VP of Security Research at runZero. He "kicks assets and fakes frames." Prior to 2025, he was the Section Chief for the Vulnerability Response section for CSD/VM/VRC at CISA, the Cybersecurity and Infrastructure Security Agency, part of the US government. He's also a founder and CNA point of contact for AHA!. He spends much of his time involved in vulnerability research and coordinated vulnerability disclosure (CVD). He has over 30 years of hands-on security experience, stretching from in-band telephony switching to modern ICS/OT implementations. He has held IT ops, security, software engineering, and management positions in large organizations such as Rapid7, 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Tod is a CVE Board member, has authored several research papers, and hosted Rapid7's Security Nation podcast with Jen Ellis. He is also a Travis County Election Judge in Texas, and is an internationally-tolerated horror fiction expert.

Tod can be reached online at https://www.linkedin.com/in/todb/ and at our company website https://www.runzero.com/










            Copyright © 2025, Cyber Defense Magazine. All rights reserved worldwide.