Describe how a threat actor can utilize malware to breach the organization’s security to exfiltrate critical data assets. Use external resources from the open-source intelligence (OSINT) to justify your claim.
Propose two effective security controls against malware-based attacks and ways to monitor and assess the effectiveness of the security controls.
For each proposed security control considered, provide a qualitative (descriiptive) analysis of its operation, availability, cost, implementation issues, and overall benefit to the company.
Provide a high-level flow diagram like the Microsoft Security Development Lifecycle (SDL) that shows how the implementation of DevSecOps can mitigate risks to the organization’s computing resources. See Appendix A for more information. (See Part 1 of Presentation attached)
