April 21

Webinar Takeaway: Implementing Zero Trust Models Without Friction


My key takeaways

  • The concept of pure perimeter security (inside is good, outside is evil) is outdated
  • What is zero trust
  • To implement a zero trust concept, many components and different software products can be used. But in a broad scenario this increases the probability of a miss due to the increasing complexity
  • Compromised credentials are used in 80% of all breaches
  • EDR tools are good at detecting malware and attack tools, but not the abnormal use of valid credentials
  • Detecting anomalies in the behaviour of users or systems offers a good chance of detecting an attacker
    • e.g. another user logs in on a computer that is usually used only by one dedicated user
      • may be valid, may be an indicator of compromise => send an MFA request to this user to verify validity
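
The dedicated-user check from the last takeaway, sketched as an added example (not code from the webinar or any product): it learns which hosts have one dominant user and returns a step-up MFA decision when someone else logs in there. The host names, user names, thresholds and the `step_up_mfa` action name are assumptions, and the logon history is constructed sample data.

```python
from collections import Counter, defaultdict

# Constructed sample logon history as (host, user) pairs. Not real log data.
HISTORY = (
    [("ws-017", "alice")] * 19 + [("ws-017", "svc-backup")]
    + [("kiosk-02", u) for u in ("bob", "carol", "dave", "bob", "erin", "carol")]
    + [("ws-044", "frank")] * 3
)

def build_baseline(history, min_logons=5, dominance=0.9):
    """Map each host to its dedicated user, if it clearly has one.

    A host counts as dedicated when it has at least `min_logons` logons and
    one account is responsible for at least `dominance` of them. Shared
    hosts and hosts with too little history get no entry, so they never
    produce this alert (both thresholds are assumed values).
    """
    per_host = defaultdict(Counter)
    for host, user in history:
        per_host[host][user] += 1
    baseline = {}
    for host, users in per_host.items():
        total = sum(users.values())
        top_user, top_count = users.most_common(1)[0]
        if total >= min_logons and top_count / total >= dominance:
            baseline[host] = top_user
    return baseline

def evaluate_logon(baseline, host, user):
    """Return the decision for a new logon: 'allow' or 'step_up_mfa'."""
    owner = baseline.get(host)
    if owner is None or owner == user:
        return {"action": "allow", "host": host, "user": user}
    # Deviation from the host's usual user: may be valid, may be a sign of
    # compromise, so the account that logged in is asked to confirm via MFA.
    return {"action": "step_up_mfa", "host": host, "user": user,
            "challenge": user, "expected_user": owner}

if __name__ == "__main__":
    baseline = build_baseline(HISTORY)
    for host, user in [("ws-017", "alice"), ("ws-017", "mallory"),
                       ("kiosk-02", "mallory"), ("ws-044", "mallory")]:
        print(evaluate_logon(baseline, host, user))
```

Only the dedicated workstation raises a challenge; the shared kiosk and the host with too little history stay quiet, which keeps the MFA prompts rare enough that users still take them seriously.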



Tags

anomaly detection, authentication, zero trust

