Continuous attack technology watch
Despite the efforts put in secure implementation of IT infrastructures, one must also be aware of new threats arising day-by-day in the form of novel attack technologies. To anticipate and prepare for such exploitation of system vulnerabilities, it is an effective way to monitor underground websites discussing new ways of hacking. Collection and frequent analysis of these sources are essential complementary measures in a system monitoring and attack detection framework, making it up-to-date before an instance of the exploitation could happen in reality.
This activity provides the latest information on attack technologies and exploitable threats. By scrutinising the Internet for related sites, publications and communities, attack detection systems can be prepared to deal with security issues that are yet unexploited but are likely to be in the future.
This monitoring activity include going through news/forum sections, looking for updates, new features and exploits. As a result, a regular status report is prepared, containing the status description of monitored sites, alerts of major events (e.g. discovered vulnerabilities).