Hey folks, the OFN Research and Development department has been working on some new strategies for proactively enhancing the security on our servers.
Defending servers in 2020
These efforts aren’t in response to any particular events, but rather just the simple understanding that:
- We have a lot of critical infrastructure that is internet-facing
- The internet is a dark and scary place full of cyber-criminals and automated attack bots (really )
- The landscape of security threats is complex and constantly changing
Meeting these challenges requires modern defenses which can evolve over time.
Open Source to the rescue
There are a number of organisations which monitor, track and analyse these threats at a global level, and essentially provide Open Source cybersecurity data which is curated by professionals and constantly updated. This can take various forms, such as data on the most active malicious IP addresses known to be launching attacks in the last 24 hours, or development of signatures for detecting specific kinds of attacks.
We’ve been looking at some ways we can leverage these live datasets and actively incorporate them into our security.
We’ll be rolling out phase one soon, which includes some of the simpler parts of this strategy. We’ll also be doing some separate testing/review of the slightly more complex parts for a potential phase two rollout at some point in the future.