Zero Trust


How to choose a Zero Trust Network Access architecture: Software-Defined Perimeter or Reverse-Proxy?

Zero Trust Network Access (ZTNA) is the next generation access solution that is set to be a key part of IT administrators toolkits, displacing longstanding Virtual Private Networks (VPN). There are numerous factors and features that need to be considered when choosing the right ZTNA architecture for your organization. In this guide we breakdown the differences between the two prominent architectures, Software Defined Perimeter (SDP) and reverse-proxy, and how to successfully evaluate them.

Building a Zero-Trust Model With SolarWinds Security Tools - SolarWinds Lab Episode #92

The zero-trust model is critical for building a successful strategy to detect both internal and external cybersecurity threats. This approach requires setting and maintaining strict access controls and "no trust" as the default to all, including those already inside your network. There are several steps needed to properly evaluate your organization's current state before you can start implementing best practices.

Zero Trust Architecture: What is NIST SP 800-207 all about?

“Doubt is an unpleasant condition, but certainty is an absurd one.” Whilst I claim no particular knowledge of the eighteenth-century philosopher Voltaire, the quote above (which I admit to randomly stumbling upon in a completely unrelated book) stuck in my mind as a fitting way to consider the shift from traditional, perimeter-focused ’network security’ thinking to that of ‘ZTA’ (Zero Trust Architecture.)


Zero Trust Architecture explained

With the increase in frequency, sophistication, and cost of cyberattacks, the global focus on cybersecurity is at an all-time high. However, the goalposts for those tasked with protecting businesses have shifted. Hackers have a growing number of ways they can compromise a business and are frequently looking to move laterally within an organization, using credentialed (and often elevated) access.


Preventing Shadow IT from Blindsiding your Zero Trust Plan

I’ve spoken before about Zero Trust approaches to security, but for many of those starting on their journey, there isn’t an obvious place to start with the model. With this post, I wanted to share an example approach I’ve seen working that many organisations already have in place and can be easily rolled into a larger program of Zero Trust hardening: understanding your Shadow IT.


Software-Defined Perimeter (SDP) vs Virtual Private Network (VPN)

Zero Trust Network Access (ZTNA) is the latest security model being pushed by vendors and analysts as the next step in cyberdefense. It is often coupled with calls to deprecate, replace or kill VPN, a technology that has been a mainstay of remote access infrastructure for over 30 years.


Preparing for Zero Trust and planning your strategy

I listened in on a neat webcast recently, which was jointly produced by AT&T Cybersecurity and Palo Alto Networks: “Preparing for Zero Trust and Planning your Strategy.” Panelists were John Kindervag, Field CTO, Palo Alto Networks, Steve Sekiguchi, Director, AT&T Chief Security Office, Bindu Sundaresan, Director, AT&T Cybersecurity and Tawnya Lancaster, Lead Product Marketing, AT&T Cybersecurity.


Bringing UEBA & Zero Trust Together Making Remote Work Safer

2020 is likely to go down in history as the year of two pandemics, COVID-19 and cybercrime. Certain types of cybersecurity threats have massively intensified this year. For example, the malware NetWiredRC saw a 200% spike in detection rates in March 2020. COVID-19 has caused a sudden shift to remote working. More employees are now working from their homes than ever before. Remote work en masse exposes organizations to increased levels of threats.


The New Model for Network Security: Zero Trust

The old security model, which followed the “trust but verify” method, is broken. That model granted excessive implicit trust that attackers abused, putting the organization at risk from malicious internal actors and allowing unauthorized outsiders wide-reaching access once inside. The new model, Zero Trust networking, presents an approach where the default posture is to deny access.