We are thrilled to announce an exciting new addition to the StrongDM Dynamic Access Management (DAM) platform: Continuous Zero Trust Authorization. This powerful capability can help organizations leap forward in the Zero Trust journey by enabling continuous, contextual, and granular authorization and control over resources and data
Posts by Category:
- SOC 2
- Privileged Access Management
- Identity and Access Management
- Zero Trust
- ISO 27001
- Role-Based Access Control
- Secure Access Service Edge
- Dynamic Access Management
To embark on a successful Zero Trust journey, it's crucial to articulate and implement policies that align seamlessly with your business model. The Kipling Method serves as a guiding light in this endeavor. Let's delve into the six fundamental questions it poses.
In the 1990s, the TV series “The X-Files” made the phrase “Trust No One” popular. Now, with cybercrime increasing at an alarming rate, “trust no one” – or Zero Trust – is a phrase echoing through enterprises. In 2021, the average number of cyberattacks and data breaches increased by 15.1%. That same year, the U.S. government spent $8.64 billion of its $92.17 billion IT budget to combat cybercrime. It also released the CISA Zero Trust Maturity Model.
On the heels of President Joe Biden’s Executive Order (EO) 14028, the memo recommending Zero Trust Architecture to protect US government computers, the US Department of Defense (DoD) issued its own Department of Defense Zero Trust Strategy. Published in October 2022, the DoD Zero Trust Strategy addresses the rapid growth of cyber threats and the need for an enhanced cybersecurity framework.
Concerned about providing secure access to the data and tools employees need to do their jobs in a cloud or hybrid environment? Don’t worry. Solid strategies exist for protecting distributed resources. Zero Trust and SASE are two architectural approaches that provide strong security in today’s cloud-first world. The information in this article will help you decide which strategy works best for your business. Robust cloud security is attainable.
Recipe for Zero Trust is just 7 ingredients. Where does it go wrong? Why is it so hard to nail? This webinar breaks it down in simple steps.
In this article, we’ll take a deep dive into attack vectors. You’ll learn what they are, the most common types, how they’re used, and why hackers continually use them to exploit vulnerabilities. By the end of this article, you'll have a thorough understanding of the fifteen most common types of attack vectors and what you can do to prevent your organization from falling victim to them.
It is no surprise that President Joe Biden issued a Zero Trust executive order to protect federal government networks. On May 12, 2021, recognizing the dire situation, Executive Order (EO) 14028 was issued, focusing on protecting the U.S. from cybercriminals and cyberattacks. EO 14028 specifically recommends Zero Trust Architecture as necessary to defend the nation against threat actors. This post provides a summary of Executive Order 14028.
In this article, we take a deep dive into Remote Browser Isolation (RBI), its history, and how it works. You'll learn about the common challenges associated with remote browser isolation and its importance in securing users from internet-based cyber threats. By the end of this article, you'll gain a complete understanding of remote browser isolation, as well as how it can be used to complement a Zero Trust framework.
In this article, we go over the man-in-the-middle attack definition and discuss the different types of these attacks. We'll take a deep dive into the dangers of man-in-the-middle attacks and address some examples. By the end of this article, you'll have a complete understanding of how a man-in-the-middle attack works and how to detect and prevent one.
In this article, we’ll take a look at insider threats in cyber security and the dangers they pose. You’ll learn the insider threat definition, who the insiders are, the types of insider threats to be aware of, and how to detect threats. By the end of this article, you’ll have a clearer understanding of the entire insider threat ecosystem and the best practices you can use to protect your organization, data, and systems.
In this article, we will take a comprehensive look at software-defined networking (SDN). You’ll learn what it is, how it works, and what its benefits and disadvantages are. You’ll also learn how SDN compares to and works with other types of networks and get answers to common questions.
In this article, we’ll review the basics of microsegmentation and discuss it in context with other network security models and practices, including Zero Trust, software-defined networking, and network segmentation. You’ll learn about the benefits of microsegmentation, how it works, challenges for implementation, and best practices.
Data breaches are a perpetual risk for modern organizations — and the wider your attack surface, the higher your organization’s risk of a breach. In this article, we will take a high-level look at what your attack surface is, what vectors and endpoints may be at risk, and how to analyze your attack surface.