Today's computing environment is an ever-expanding and changing combination of devices, services, and innovative software that are created, utilized, evolved and discarded on a daily basis. This environment is constantly scrutinized by novices, professionals and nation states—some with malicious intent. The reality of securing these systems requires that security practitioners understand and think deeply about how we operate.
We would like to share our collective experience in securing a world that is constantly changing. These 12 core principles define Sourcefire's philosophy of the appropriate ways to think about security in today's real world.
- The pursuit of security requires that we be more innovative and adaptive than our adversaries.
- Security technologies and operations must be as dynamic as the threats you face and the environments you are protecting.
- There is no such thing as a trusted network or device. True security starts with this assumption and adapts based on change that is observed in your environment.
- Attack research is useful but doesn't solve security problems. Research should focus on innovative solutions to solve today’s security challenges.
- Security without awareness is not security. You cannot protect what you cannot see.
- Intelligence accelerates security effectiveness. Static intelligence is of limited value in today's dynamic IT and threat environments.
- Beware of the black box. It is closed and hidden. Any system that does not give you full visibility into how it works should be suspect.
- Every environment is unique. You must be able to adapt your defenses to fit your needs...and do so quickly.
- Security is not a firewall; it is not policy; it is not “checking the box.” It is not one thing and can’t be made to be one thing. It’s a suite of coordinated capabilities that are leveraged to minimize risk and maximize protection.
- Security is a big data problem. Utilizing the right technologies, security can and should be self-learning, automated, and predictive.
- Security is a people problem and the technologies are tools that are made to enhance the abilities of people to secure their environment.
- Security must be an enabler. Organizational agility must be met with security agility to maximize data integrity, asset security, and a pristine reputation.
Download the Agile Security Manifesto