Trevor Chandler

Jul 4, 2020
Zero Trust Fundamentals:
- effective against insider threats
- effective against lateral movement
- effective against cloud vulnerabilities

Zero Trust Key Components
- identity verification
- continuous monitoring
- network segmentation



How does a company go about assessing its current security posture?


What are some of the ways to go about securing endpoints?
 
Great breakdown of Zero Trust!....

By doing risk assessments, penetration tests, security audits, and compliance checks against frameworks such as NIST or ISO, a company can evaluate its security posture. Finding vulnerabilities is also aided by routine gap analysis and vulnerability scans.

To secure endpoints, implement EDR solutions, enforce MFA, ensure regular patching, use encryption, employ application whitelisting, and conduct user training to prevent phishing and social engineering attacks.
 
Let me begin with a thanks for the compliment!!!

Now, as usual, you're hitting the nail squarely on the head with your comments!!!
That one part, in that final sentence, did get my attention: "... to prevent phishing and social
engineering attacks." Prevent? Can these really be prevented? If you believe so, don't
provide the recipe publicly. Let's meet privately, so that we can put together a plan on
how to sell the solution. We'll make a fortune :)
 
You are very welcome, and I appreciate your thoughts on the topic!..... While 'prevent' might be a strong word, I would say we can greatly reduce the likelihood of falling victim to phishing and social engineering attacks through a combination of awareness training, strong policies, and technical controls. It’s more about building resilience than total immunity due to human vulnerabilities that we can never patch.......