Project Zero Trust by Finney George;Kindervag John;
Author:Finney, George;Kindervag, John; [Finney, George]
Language: eng
Format: epub
Publisher: John Wiley & Sons, Incorporated
Published: 2022-08-05T00:00:00+00:00
âThe first part of Zero Trust is about knowing the business,â Dylan explained. âHow we make money, what the strategy is, and where the business plans to go.â
âSo what does that mean for MarchFit?â Chris asked.
âWe have several lines of business,â Dylan said. âWe have our retail outlets. But we also have our network of content creators that people love taking walks or runs with. And then there is our new product development that is launching a new product in a few months.â
âI think we can better align with MarchFit's Zero Trust implementation by customizing our runbooks around those different lines of business,â Chris offered. âI bet that each of those different lines of business rely on different business-critical applications, and we can tailor our monitoring to more closely mirror that first design principle. What about being inside out?â
âThat has defined our approach,â Dylan said. âWe've prioritized working on our most business-critical protect surfaces first, and then expanded from there.â Chris nodded. âThat makes sense. Instead of putting all your controls at the perimeter firewall, you're doing that crunchy center thing that John Kindervag talked about. It seems like we should be able to align our monitoring around those protect surfaces as they relate to those different lines of business.â
âHow does the SOC know who or what needs access?â Harmony asked.
âWe've recently built our own security orchestration system to help automate the runbook actions that we're able to take,â Chris said. âTo be successful at this, we'd need to be able to integrate with your identity system. We use our orchestration platform to help establish behavioral norms. A behavior that's normal in one region or one department might be a critical alert if it's discovered in a different region or department. That's our secret sauce.â
âThe costs of logging everything might be too high to include our MSSP in step 4,â Noor said. âStorage costs are going down all the time, but you have to admit that there's a disincentive to send everything to our MSSP since you charge based on the volume of logs. You're not charging based on how effective your service is.â
âIf we're not providing value, then we would expect you to leave and find another MSSP,â Chris admitted. âAnd I also understand that we weren't able to detect most of the activity that led up to your ransomware infection. We need to do better, not just for you, but for all our clients. I agree that we need to have some skin in the game. But we also need a feedback loop to help MarchFit improve your controls. The more false positives we can remove by stopping bad behavior, the more time we can spend investigating real suspicious activity.â
âThere are also five design principles that we're following,â Harmony said, advancing to the next slide:
Define the protect surface.
Map the transaction flows.
Architect a Zero Trust environment.
Create Zero Trust policies.
Monitor and maintain each protect surface.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7413)
Grails in Action by Glen Smith Peter Ledbrook(7306)
Kotlin in Action by Dmitry Jemerov(4654)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4139)
The Age of Surveillance Capitalism by Shoshana Zuboff(3435)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3254)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3035)
Mastering Python for Networking and Security by José Manuel Ortega(2967)
Blockchain Basics by Daniel Drescher(2900)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(2720)
TCP IP by Todd Lammle(2648)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(2563)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2488)
Azure Containers Explained by Wesley Haakman & Richard Hooper(2450)
Hands-On Azure for Developers by Kamil Mrzyglod(2432)
React Native - Building Mobile Apps with JavaScript by Novick Vladimir(2345)
MCSA Windows Server 2016 Study Guide: Exam 70-740 by William Panek(2319)
The Social Psychology of Inequality by Unknown(2318)
The Art Of Deception by Kevin Mitnick(2306)