See Security’s
business scope is based on its deep technical
knowledge in the
"offensive security"
field including strategies, methodologies and
techniques, and
have built a family of asset prone
services which are designed for the client’s
best
interest.
Security
Technologies
Each Application,
each communication hardware or software, and each
operating system, is usually built with its own
security tools. Somebody should
operate and use
it. In addition, there are some special security
tools frequently
used in the network to complete
the security needs. Somebody should operate
and
use it.
The most
common special tools are Anti Virus, Anti Spy,
Firewall,
Intrusion Detection System (IDS), Intrusion
Prevention System (IPS), and so on.
It make
sense, that the function responsible for specific
server (e.g. operating system),
will be responsible
for properly use of its security built-in tools,
but who is responsible
for the property use of
the Special Security tools reminded above?
Those Special
Security tools are not "Stand alone"
systems. It is there to control the
network traffic,
ports activities, and many elements in the structure.
Properly operating
of these tools needs a very
wide and deep knowledge, not of the tools operating
only,
but knowledge regarding all the networking
elements, systems components,
Attacking tactics
and Defense Techniques!
Unfortunately,
in most cases, the job of handling these special
security tools has
done by network or system professionals
without any Architecture Security knowledge!
Because
this deep and wide knowledge is not common, it
is recommended to have at
least one professional
hold this kind of knowledge, so he may help the
specific tools
operators and the Operating System
operators to make their roles properly, as the
Technical Security Architecture & Coordinator
of the IT Division
Attacking
& Defense Techniques and Tactics
It has
looked that the world should fight against criminals
forever, and should fight
against Hackers forever.
So how does the Hacker hack? That is the main
question
that the Technical Security Designer
& Coordinator should ask. It is unacceptable
that he will try to design, deploy and defend
its architecture without deep
understanding how
Hacker thinks, manipulates and acts. This knowledge
is the base
for the Defense Techniques knowledge.
