Back in 2010, John Kindervag, the then-principal analyst at Forrester, coined the term Zero Trust. The idea behind this edgy-sounding concept was that when it comes to network security, nothing can be trusted and everything — and everyone — should be verified.
The foundations that support our systems are built with connectivity and not security as an essential feature. TCP connects before it authenticates. Security policy and user access based on IP lack context and allow architectures that exhibit overly permissive access. Most likely, this will result in a brittle security posture.
You’re probably at least a bit familiar with Citrix, the software giant responsible for desktop virtualization, networking and SaaS services that are in use at millions of companies around the world. It is used by Fortune 500 organizations, the US Military and many government agencies It is a central element of how many businesses conduct their operations today.
Over the last few weeks, Safe-T has provided a basic introduction to the tools and operating systems that you’ll use as a member or leader of a red team. Now, let’s contextualize them – how would you use these tools in the context of an actual security exercise?
What does it look like when you secure a file with Safe-T? We talk a lot about creating granular access controls and integrating with your existing security structure, but it may just be easier to put the whole journey in context. Starting with an email and an attachment, here's how Safe-T’s Secure Data Exchange solution takes care of a file – and its accompanying text – in order to keep it safe, auditable, and easy to use.
For a certain kind of secure communication, Server Message Block (SMB) is no longer suited for the task. Windows machines use SMB to pass files around a network. Printers, mail servers, and high-priority internal network segments use SMB to provide access to remote users. Although SMB is convenient for Windows and other networks, it’s also convenient for attackers.