Overview

Zero-Trust security. Switch from a perimeter-based (firewall and VPN) model of access to a user to resource model.

Implement strong, simple identity. Identity for both a person, but also a system. Decouple the identity from the corporation: make it affinitive to the user, a single identity.

Enforce entitlements and authorisation in the network.

This micro-segmentation is simpler to use, more accessible, and, more secure. It reduces the lateral-traversal, it empowers the users, it increases the audit capability. And, its more economical, more scalable. Everybody wins.

Articles

Well Timed or Coincidental, Cue the Phishing Attacks as 2.5M Students Affected by Data Breach

2022-08-30 Defense-In-Depth, Zero-Trust Network Access

Days after announcing student loan forgiveness in the United States, 2.5 million student borrowers had their personal information exposed in a data breach and are at an increased risk of being targeted in a phishing attack.

Protecting Against the OWASP Top 10 Web Application Vulnerabilities

2022-08-18 Articles, Defense-In-Depth, Resources, Zero-Trust Network Access, web app security

The OWASP Top 10 is a standard awareness document that outlines the most critical web application security risks and vulnerabilities. Learn how Agilicus AnyX is designed to eliminate an attacker’s visibility into the potential OWASP Top 10 web application vulnerabilities.

Industrial Air Gap – A Tale Of 2 Users

2022-05-19 Articles, Resources, Zero-Trust Network Access, web app security

Devices on industrial control system networks are ill-equipped for the hardships associated with the Internet and remote access. Low-speed processors, infrequent firmware upgrades, spotty security research, Common Vulnerabilities and Exposures (CVE) publishing, etc. This leads to a natural conflict: the operator is…

Top 5 Cybersecurity Resolutions to Cross off Your List in 2022

2022-01-06 Zero-Trust Network Access

Cybercriminals had a record breaking year with the business cost of a cyber breach reaching new heights in 2021. With clear cybersecurity goals in mind, businesses can avoid becoming just another hacking news headline.

NIST sp 800-63A: Introduce Yourself

2021-12-29 Articles, Zero-Trust Network Access

Who are you? Identity involves knowing who you are, and then later proving it. NIST sp 800-63A enrollment is the first step, let’s talk about that!

NIST sp 800-63B: How Well Do I Know You?

2021-12-29 Articles, Zero-Trust Network Access

Zero-Trust Network Architecture has 3 steps: Authenticate (Who), Authorise(What), Access(How). 3 Levels of strength of the who are defined in NIST sp 800-63B. Does the goldilocks principle apply to you? Read on!