Software tools to assess the security posture of an organization
Security teams are constantly under attack from cyber criminals and threat actors, so they need a mixture of security tools to identify attacks before they have a chance to cause grave damage to the business. We will now look at each of these tools and its benefits:
- Protocol analyzer: A protocol analyzer, such as Wireshark, can capture the traffic flowing through the network, including passwords in clear text and any commands being sent to network-based applications. A protocol analyzer can identify the three-way handshake between two hosts and the verbs being used with applications, such as the HTTP GET verb for fetching a web page. But if we see the PUT or HEAD verb, we could recognize this as an attack.
Example: Someone within the company has been surfing the web instead of working as they should be, and the manager has called you in as the security administrator...
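The protocol analyzer item above describes reading verbs and clear-text passwords out of captured traffic. The following added example (not from the original text) does that review in Python over constructed payloads. The host names, the credentials and the `EXPECTED_VERBS` allow-list are assumptions made for illustration.

```python
import base64

# Constructed sample: client-to-server TCP payloads as a protocol analyzer
# shows them after following each stream. Hosts and credentials are made up.
CAPTURED_STREAMS = [
    b"GET /index.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n",
    b"GET /reports HTTP/1.1\r\nHost: intranet.example\r\n"
    b"Authorization: Basic " + base64.b64encode(b"alice:Winter2024!") + b"\r\n\r\n",
    b"PUT /uploads/page.html HTTP/1.1\r\nHost: intranet.example\r\n"
    b"Content-Length: 5\r\n\r\nhello",
    b"HEAD /admin HTTP/1.1\r\nHost: intranet.example\r\n\r\n",
    b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03",  # TLS handshake bytes, not HTTP
]
EXPECTED_VERBS = {"GET", "POST"}  # assumption: verbs this site normally sees
HTTP_VERBS = {"GET", "POST", "PUT", "HEAD", "DELETE", "OPTIONS", "PATCH", "TRACE"}


def parse_request(payload):
    """Return (verb, path, headers) for a clear-text HTTP request, else None."""
    head = payload.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] not in HTTP_VERBS or not parts[2].startswith("HTTP/"):
        return None
    fields = (line.partition(":") for line in lines[1:])
    headers = {n.strip().lower(): v.strip() for n, sep, v in fields if sep}
    return parts[0], parts[1], headers


def review(streams):
    """Return findings as (stream index, kind, detail) tuples."""
    findings = []
    for i, payload in enumerate(streams):
        req = parse_request(payload)
        if req is None:
            continue  # encrypted or non-HTTP traffic: nothing readable here
        verb, path, headers = req
        if verb not in EXPECTED_VERBS:
            findings.append((i, "unexpected-verb", f"{verb} {path}"))
        scheme, _, token = headers.get("authorization", "").partition(" ")
        if scheme.lower() == "basic":
            try:  # Basic auth is only base64: anyone capturing it can decode it
                decoded = base64.b64decode(token, validate=True).decode("latin-1")
            except ValueError:
                continue
            # Report the user name only; the password is just as readable.
            findings.append((i, "cleartext-credentials", "user=" + decoded.split(":", 1)[0]))
    return findings


if __name__ == "__main__":
    print(*review(CAPTURED_STREAMS), sep="\n")
```

The TLS stream produces no finding because its payload cannot be parsed as HTTP, which is why the same credentials sent over HTTPS would not show up in a capture.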