Red & Blue: United We Stand


Offensive and defensive security are typically viewed as opposite sides of the same fence. On one side, the offensive team aims to prevent attackers from compromising an organization, whereas on the other side the defensive team aims to stop attackers once they are inside. The fence, metaphorically speaking, is the adversary. The adversary’s moves, motives and mindset are the driving force behind the tactics, techniques and procedures (TTPs) of the offensive and defensive teams. Both teams put themselves in the adversaries’ shoes, predicting how they will try to achieve their objectives, and execute strategies to reduce the opportunity for those adversaries to succeed.


With that common ground in mind, IBM Security’s offensive and defensive security teams recently joined forces. X-Force Red is IBM Security’s team of hackers. X-Force Incident Response (IR) is IBM Security’s team of responders, researchers and investigators. While the teams provide offensive and defensive security services, they are now part of one team — X-Force — which is led by Global Managing Partner Charles Henderson. I spoke to Charles about the joint team, and how they will separately maintain autonomy while also providing value as one.


Abby: Thank you for speaking with me, Charles. Let’s begin the discussion with that point. It seems that the objectives for offensive and defensive security clash a bit, with the offensive team doing everything it can to prevent a compromise and the defensive team doing everything it can to stop attackers when there is a compromise. How does putting both teams under one umbrella help overcome this clash?


Charles: It’s important to keep in mind that from an organization’s perspective, you have the best of both worlds. When you look at offensive and defensive capabilities, they are research-driven. The teams dig into adver ..
