April 21

Webinar Takeaway: Zero Trust-Modelle ohne Reibungsverluste umsetzen

0  comments

My key takeaways

  • the concept of pure perimeter security (inside is good, outside is evil) is outdated
  • What is zero trust
  • To implement a zero trust concept a lot of components and different software can be used. But in a broad scenario it increases the probability of a miss due to the increasing complexity
  • Compromised credentials are used in 80% of all breaches
  • EDR are good in detecting malware and attack tools but not the anormal use of valid credentials
  • Detecting anomalies in the behaviour of users or systems offers a good chance of detecting an attacker
    • e.g. on a computer which is usually only used by a dedicated user, another user is logging in
      • may be valid, may be an indicator of compromise => send MFA request to this user to verify validity

Env


Tags

anomaly detection, authentication, zero trust


You may also like

Webinar takeaway – Offensive Windows Event Logs

Webinar takeaway – Offensive Windows Event Logs

Event takeaway – KI und Sicherheit: „Balanceakt – Sicherheit schaffen, Freiheit bewahren“

Event takeaway – KI und Sicherheit: „Balanceakt – Sicherheit schaffen, Freiheit bewahren“
{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}