Back in 2010, John Kindervag, the then-principal analyst at Forrester, coined the term Zero Trust. The idea behind this edgy-sounding concept was that when it comes to network security, nothing can be trusted and everything — and everyone — should be verified.
The foundations that support our systems are built with connectivity and not security as an essential feature. TCP connects before it authenticates. Security policy and user access based on IP lack context and allow architectures that exhibit overly permissive access. Most likely, this will result in a brittle security posture.
You’re probably at least a bit familiar with Citrix, the software giant responsible for desktop virtualization, networking and SaaS services that are in use at millions of companies around the world. It is used by Fortune 500 organizations, the US Military and many government agencies It is a central element of how many businesses conduct their operations today.
Over the last few weeks, Safe-T has provided a basic introduction to the tools and operating systems that you’ll use as a member or leader of a red team. Now, let’s contextualize them – how would you use these tools in the context of an actual security exercise?
For a certain kind of secure communication, Server Message Block (SMB) is no longer suited for the task. Windows machines use SMB to pass files around a network. Printers, mail servers, and high-priority internal network segments use SMB to provide access to remote users. Although SMB is convenient for Windows and other networks, it’s also convenient for attackers.
Cryptocurrency startups are still all the rage these days, but many of these companies have had a "break rules first, settle lawsuits later" approach to operating.
At Safe-T, we’ve been delivering innovative, award-winning solutions based on our Software Defined Access solution for years. Part of the value we offer is in accelerating ROI by enabling customers to plug-in solutions from third-party security vendors, enhancing existing protections.