Security News

Many security teams are looking to better understand zero trust security and SASE, including whether or not they are mutually exclusive or compatible. What exactly are each of these security models, and how can companies determine which one will be more appropriate for their security teams as they seek to protect the broader business from cyber threats?

As further proof of the effectiveness of the model, Kindervag says that the zero-trust strategy is widely deployed in some of the world's most secure environments, which is why we've seen the NSA provide guidance on Zero Trust from their perspective recently. Among the pitfalls that organizations that opt to implement a zero-trust model should try to avoid he singles out two: thinking that Zero Trust is binary, and deploying products without a strategy.

Attackers tried to insert backdoor into PHP source codeThe PHP development team has averted an attempted supply chain compromise that could have opened a backdoor into many web servers. The growing threat to CI/CD pipelinesBy hardening CI/CD pipelines and addressing security early in the development process, developers can deliver software faster and more securely.

Cloudentity and Okta are delivering on the promise of zero trust authorization for open banking services. Open banking enables customers, partners and employees to access applications, data and services regardless of their location, device or network.

Applications: Convert all shadow IT, shadow cloud, and bring-your-own applications to managed and secured applications. This is common because it seems easier to prove zero trust by starting with one application.

Security leaders embracing zero trust identity security. 88 percent of respondents said adopting more of a zero trust approach is "Very important" or "Important."

The pandemic-driven shift to remote work has significantly changed how companies are investing in identity and access management capabilities and zero trust security, according to a survey from Ping Identity. "Business leaders have been faced with an urgent need to invest more in identity security capabilities to effectively secure employees and customers in a dispersed work environment," said Andre Durand, CEO of Ping Identity.

One option that is often touted is a zero trust model through which access to critical resources is scaled back and granted only under specific conditions. Sponsored by CyberArk, "The CISO View 2021 Survey: Zero Trust and Privileged Access report" collected the advice based on interviews with 12 top security executives from Global 1000 companies.

Cyemptive Technologies announced Cyemptive Zero Trust Access, a technology that provides comprehensive secure access to networks from remote locations. Cyemptive informed the Department of Homeland Security and Senate of virtual private network hacks against mainstream firewall technologies in November 2019 and since then has focused on developing a secure remote access solution, resulting in Cyemptive Zero Trust Access.

Cloudflare launched Cloudflare Browser Isolation, a new zero trust service to make everyday web browsing safer and faster for all businesses, regardless of where their employees are. As businesses rely on employees working directly in browsers, Cloudflare Browser Isolation keeps them safe by creating a gap between end-user devices and potential threats.