github
/
developer-roadmap
mirror of https://github.com/kamranahmedse/developer-roadmap.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Roadmap to becoming a developer in 2022
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5245 Commits
209 Branches
4 Tags
445 MiB
 
 
 
 
 
Tag: Branch: Tree: 7f776808df
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7f776808df'
${ noResults }
developer-roadmap/src/data/roadmaps/cyber-security/content/known-vs-unknown@HPlPGKs7NL...

26 lines
2.9 KiB
Raw Blame History

# Known vs Unknown
In the realm of cyber security, threats can be classified as known or unknown based on their familiarity and the level of awareness about them. Understanding the difference between these two types of threats is essential for effectively implementing security measures and mitigating potential risks.
## Known Threats
Known threats are those that have been identified, studied, and documented by the security community. They are the types of threats that security vendors have had the opportunity to analyze and develop protective measures against. These threats include:
- Malware: Such as viruses, worms, and Trojans that have known signatures and behavior patterns.
- Phishing: Social engineering attacks using deceptive emails, texts, or websites to trick users into providing sensitive information or downloading harmful files.
- Exploits: Taking advantage of known vulnerabilities in software and hardware.
- Common Attack Patterns: Recognizable attack techniques, such as SQL injection, that have well-documented solutions and mitigation strategies.
To defend against known threats, organizations should keep their security software, operating systems, and applications up-to-date. Regularly patching vulnerabilities, training employees to recognize phishing scams, and following best practices for secure configurations can help protect against these known risks.
## Unknown Threats
Unknown threats are those that have not yet been identified or documented by the security community. They represent a greater challenge to organizations due to their unpredictable nature and the lack of available defense mechanisms. Examples of unknown threats include:
- Zero-Day Vulnerabilities: Security flaws that are unknown to the software or hardware vendor and for which security patches do not yet exist.
- Advanced Persistent Threats (APTs): Highly skilled, persistent adversaries that operate stealthily, often using custom-developed tools, to compromise a target's network over an extended period.
- Novel Malware Types: New or significantly altered forms of malware that do not have known signatures, making them difficult to detect with traditional security tools.
Defending against unknown threats requires a proactive approach. Incorporating threat intelligence, network monitoring, and behavior-based anomaly detection can help organizations identify potential threats before they cause damage. Additionally, following the principle of least privilege, segmenting networks, and maintaining strong data encryption can reduce the impact of unknown threats when they are discovered.
In conclusion, understanding the difference between known and unknown threats is crucial for implementing effective cyber security measures. By staying informed about the latest threats and investing in the right security tools and practices to tackle both known and unknown risks, organizations can better protect their networks, systems, and data from cyber attacks.