▲What It Takes to Defend a Cybersecurity Company from Today's Adversariessentinelone.com

46 points by gnabgib 4 hours ago | 11 comments

CyberMacGyver 2 hours ago [-]

It’s RSA time so expect lot of cybersecurity posts

owyn 2 hours ago [-]

I haven't heard of that one. What is RSA time?

mandevil 2 hours ago [-]

2025 RSA Conference USA in San Francisco. So lots of papers are going to be presented and talks given on new clever ways researchers have figured out to beat different layers of security, tracking APT's, etc.

https://www.rsaconference.com/usa

keyle 1 hours ago [-]

That sounds like the oracle version of defcon.

hiddencost 34 minutes ago [-]

That's kinda cruel. RSA is trying to do a good job, and takes their customers safety quite seriously.

(Kidding. A little.)

ash-ali 2 hours ago [-]

RSA conference in the city

looperhacks 1 hours ago [-]

Is there any way to recognize adversary IT workers? Not many companies have the capabilities of cybersecurity experts

recursivecaveat 8 minutes ago [-]

Biggest thing you can do is just ensure you conduct at least 1 on-site interview, and make sure that interviewer is in a position to realize if the person they met is not the same one who shows up for other interviews and/or the work. Cost of a flight is nothing really compared to recruiting and hiring (and if you really are fully-remote and geographically distributed, you probably already have somebody in their metro area), on-sites used to be standard.

smolder 8 minutes ago [-]

The reality is a bunch of people trying to secure their insurance relationship. Useless money absorbers are running things.

Animats 13 minutes ago [-]

Start with a fingerprint check before you even talk to them.[1] Then ask for a REAL ID at the interview, take fingerprints again, and match with the ones from the pre-screen fingerprint check. You need to be signed up with a driver's license verification service to validate the ID.[2]

It takes that level of verification to become a security guard or a school bus driver. Anybody in computer security should be doing this.

[1] https://www.sterlingcheck.com/services/fingerprinting/

[2] https://www.aamva.org/technology/systems/verification-system...

hulitu 2 hours ago [-]

> Recent adversaries have included: DPRK IT workers posing as job applicants ransomware operators probing for ways to access/abuse our platform Chinese state-sponsored actors targeting organizations aligned with our business and customer base

Thank god there were no Russians or Iranians. /s

computerthings 9 minutes ago [-]

[dead]

Loading comments...