The hypothetical list of Attack Vectors and Threats your organization has.
Biggest Entrants
- Endpoint
- Network services (Web Server, Email Server, VPN)
- Open ports and protocols
- Weak or compromised user accounts
- Third-party integrations
- Cloud services
- Human factor of Social Engineering
Minimizing the Attack Surface
- Vulnerability Assessment
- Implement strict Access Control
- Network Segmentation
- Reducing Single Point of Failure
- Frequent endpoint security updates
- MFA
- Regular auditing
- Security Awareness