Archive for the ‘Zero trust’ Category

Zero Trust Essentials eBook

Zero Trust Security: An Enterprise Guide

Leave a Comment

Protecting Your Cloud Environments With Zero Trust

When moving to a cloud infrastructure, businesses should be looking toward a Zero Trust strategy. This security model protects the cloud from the inside out using the principle of least privilege to grant secure access to any company resource. Eliminating implicit trust helps prevent cloud-related data breaches and provides a security shield for remote workers that use BYOD (Bring […]

Leave a Comment

Building trust in a zero-trust environment

A recent study by MITRE and DTEX revealed that despite years of industry efforts against insider threats, there isn’t enough data – or systems advanced enough – to spot all malicious behavior. As companies work to build a corporate culture of cybersecurity, they’ve begun investing in zero-trust architectures to proactively cover all attack surfaces. While this is a step […]

Leave a Comment

Adopting Zero-Trust for API Security

Why Use Zero-Trust for API Security Think of APIs as the new network; interconnected in complex ways and with API interactions happening both within and outside  of the organization. “Public-facing APIs—for example, consumer banking—are usually a key area of focus when it comes to zero-trust,” said Dunne. “This is due to the obvious risk exposure […]

Leave a Comment

Zero trust: Bringing security up to speed for the work-from-anywhere age

The first step toward a zero-trust environment consists of establishing a zero-trust network architecture that covers all aspects of users interacting with corporate internal and cloud-based IT resources, wherever the users or the resources might be located. This requires an evaluation of the context of user access, combined with the creation of risk profiles. Based on these […]

Leave a Comment

How to build a zero-trust cloud data architecture

The cloud broadens an organization’s attack surface to the point that CISOs must guard data across multiple clouds, tools, and on-premises locations. This further complicates their main objective of minimizing the risk of unauthorized data access and makes their job of ensuring information assets and technologies are adequately protected an arduous task. Even worse, traditional security […]

Leave a Comment

7 keys to evaluating zero trust security frameworks

Zero trust as a framework for securing modern enterprises has been around for years, but is drawing renewed attention with the increase in cyberattacks. The United States government is pushing for zero trust implementations across all its agencies, and more vendors are jumping on board the already rolling zero trust product bandwagon. The mix of user need […]

Leave a Comment

The 6 steps to implementing zero trust

In their minds, this security approach can only be applied to fresh, or “greenfield,” environments – and even there organizations are hesitant as they may believe security will hinder business agility. The true reason for why businesses are hesitant when it comes to zero trust is due to a lack of understanding of the process […]

Leave a Comment

The hybrid office will create great opportunities—for companies and cybercriminals

Spring is always a time of renewal, but never more so than this year. After our long winter of forced isolation, the increased accessibility of safe and effective vaccines has many looking forward to shutting off Zoom, putting on some real pants, and emerging to see friends and colleagues in person for the first time in more than […]

Leave a Comment

Infection Monkey: Open source tool allows zero trust assessment of AWS environments

Guardicore unveiled new zero trust assessment capabilities in Infection Monkey, its open source breach and attack simulation tool. Available immediately, security professionals will now be able to conduct zero trust assessments of AWS environments to help identify the potential gaps in an organization’s AWS security posture that can put data at risk. Infection Monkey helps IT security teams […]

Leave a Comment

Google’s Project Zero Finds a Nation-State Zero-Day Operation

Google’s Project Zero discovered, and caused to be patched, eleven zero-day exploits against Chrome, Safari, Microsoft Windows, and iOS. This seems to have been exploited by “Western government operatives actively conducting a counterterrorism operation”: The exploits, which went back to early 2020 and used never-before-seen techniques, were “watering hole” attacks that used infected websites to deliver malware to visitors. […]

Leave a Comment

Zero Trust creator talks about implementation, misconceptions, strategy

Leave a Comment

Zero Trust architectures: An AWS perspective

Our mission at Amazon Web Services (AWS) is to innovate on behalf of our customers so they have less and less work to do when building, deploying, and rapidly iterating on secure systems. From a security perspective, our customers seek answers to the ongoing question What are the optimal patterns to ensure the right level of confidentiality, integrity, […]

Leave a Comment