Category Archive for 'Security Architecture'

The first principle of ZeroTrust is to verify everything. It sounds like a simple thing but in reality it affects how you build software, use authentication, share documents etc. If we start at the development process the base is that you can never trust any data. You need to verify it, so it conforms to […]


ZeroTrust – the why

So in my previous post I started to look very briefly into the history of ZeroTrust. From that we learned that the hackers evolved into using more efficient tools that could easily penetrate the network security. The obvious goal of ZeroTrust is to strengthen the security. Without those measures the risk of being a victim […]


ZeroTrust deep dive

What is ZeroTrust? The name has its root in Jericho 2.0 (see the books downloadable from this blog here) and can be roughly translated to: ‘You can never know who roams your network so verify all access all the time. Never trust what you can't verify.’ The implications of this affect the way we design […]


Security in a car

This might be interesting. A few hours ago I was contacted by a company that is providing consultancy within the automotive business. Apparently they have received a request for cybersecurity in car development and that is a completely new skillset for them so they have reached out to me to check if I'm the right […]


Investigation breeze

It is very interesting to see what happens when legal gets involved and starts reading paragraphs to the sourcing provider. Apparently we are now allowed to do more or less anything we want as long as we don't make changes to service accounts or restart the servers. We have just deployed Azure ATP at the […]


Investigation limbo

Following the discussion with legal after my previous post we have got some guidance to move forward. Apparently this was a common business practice from the service provider's side to minimise cost. When challenged by the legal department they quickly became more accommodating in helping us. This is something to take note of. Never allow […]


Investigation hell

Welcome to 2019, the year when we are supposed to know what we are doing. I'm currently experiencing an interesting situation with a customer. They have outsourced their AD to a service provider and right now I'm helping them to investigate a rather simple problem: What servers are using unsigned LDAP? There are a bunch […]


Bolted on

What did my friend actually mean by bolted on? For sure he means a security solution that might or might not be well integrated into the operating system and even if that is a big issue in itself the real challenge was that the user interfaces sometimes mandated some serious training to be able to […]


A customer of mine has asked me to devise a security strategy for them. This will be an interesting task. The background to this assignment was that I was doing a presentation of cost-effective security management using MITRE ATT&CK as an example to prioritise your actions. After the presentation their CISO came up to […]


The use of MITRE ATT&CK

One of my core mantras when I discuss security is to do the right things first. So how do you know that you are doing the right thing, isn't that what the risk analysis is for? Correct! Five points to Gryffindor! There is however a better way to move forward. Imagine that someone has already […]
