Security controls can fail to detect adversarial techniques, especially those specifically designed to evade defenses. According to research from Picus Labs, four out of the ten most used MITRE ATT&CK techniques in 2019 fell in the defense evasion category. Such scenarios create blind spots for SOC teams, because the controls generate no logs.
Changes applied by the operations teams, new configurations, or a newly deployed technology without orderly change management can also pose visibility challenges and result in inefficiencies in detecting incidents.
Monitoring controls and driving their resilience not only improves tangible metrics such as the number of cases, alerts, incidents, risk or cost, and lowers the SOC workload, but also helps to identify blind spots early on.
The easy-to-deploy, intelligence-driven and feature-rich Picus Security Control Validation Platform makes sure that SOC teams maintain a well-scoped and threat-aware log base that always covers changes in the adversarial landscape and technology infrastructure.