“If you do a penetration test to an organization and you get blocked, this is where you stop the test, right?” says Sharon Nimirovski who founded White-Hat Ltd., a leading Israeli cybersecurity firm recently acquired by EPAM. “But in real life, the attacker doesn’t do that.” In our latest #CybersecurityByDesign conversation Nimirovski tells Sam Rehman, our Chief Information Security Officer and SVP, that nefarious actors keep looking for other ways inside. “They don’t leave. They’re moving to, maybe, spear phishing. They’re moving maybe to infected URLs, maybe infected Android apps.” How do Nimirovksi and his team meet this barrage of digital assaults? Behind the scenes they repel attackers by building “a database of all the attack techniques and the vectors they use.” His team brings this offensive armada to clients, to test for their systemic weaknesses, and when they find them they create a “vaccine” against the vulnerabilities (“That vaccine is only a behavioral rule that we embed into the client’s given technologies”). A fascinating conversion straight from the front lines of offensive security.
Host: Alison Kotin
Engineer: Kyp Pilalas
Producer: Ken Gordon
