The security threats that we face are getting ever more harmful. Attacks launched en masse are no longer the order of the day. Rather, they are targeted, use a complex range of techniques, are sophisticated in their ability to defeat reactive security defences and can cost their victims dearly. Traditional defences that focus on defending against known threats are no match for such threats. Rather, organisations need to take a more proactive and preventative approach to protecting their applications and the sensitive information that they contain and to ensure that their network is locked down in a secure hardened state to prevent vulnerabilities from creeping in and being exploited.
This document discusses the role that integrity control plays in defending networks against attack through a focus on two key areas controlling what applications are allowed to run and how they are run, and protecting systems on the network from configuration changes and mistakes that can allow serious vulnerabilities to be exploited. Such technologies are applicable to all organisations, whatever their size or industry.