Like a courtroom jury, a security team must determine innocence or guilt based upon evidence. However, that doesn’t mean they’re executing a fully realized evidence-based strategy.
In short, such a strategy combines reconnaissance, analytics and response procedures that are both effective and swiftly implemented, so that attackers are found before they have time to do damage. Evidence in the form of data is not only qualified, but quantified. Given the likelihood of more threats such as the Log4j vulnerability, teams adopting this strategy will be best prepared for the next frontier of defense.