Trying to assess if this is a common term in the industry.
Best answer by John Steven
View originalTrying to assess if this is a common term in the industry.
Best answer by John Steven
View originalAs stated, it is true that the term “Drift” is more commonly used by itself to references changes in Architecture that are discovered post-production. From a security perspective, these anomalies likely result in the discovery of additional threats if the infrastructure changes did not run through a well-defined process designed to ensure system hardening.
Organizations track ‘evolving threats’. And yes, as infrastructure (naturally) drifts from approved ‘reference architecture’ or ‘security blueprint’, those same organizations evaluate:
Evolving threats aren’t always tied to technology drift though. Sometimes threats evolve because of changes to intrinsic risk properties such as:
Like with infrastructural drift, evolving threats should trigger a ‘triage’ of the impact and potential refactoring of affected models.
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.