As promised last week, I have videos to share. First, I will shamelessly plug my own talk during the BeyondCorpSF Meetup held at Heavybit Industries earlier this month. The key theme was how Zero Trust is changing our notion of Identity & Access, and what this means from a broader market perspective. Have a watch.
http://www.heavybit.com/library/blog/beyondcorp-meetup-google-security-for-everyone-else/
For a more technical deep dive, Evan Gilman and Doug Barth gave a talk about network design at last week’s SREcon. They dove into their experience designing a resilient, highly available Zero Trust network while at PagerDuty. Great stuff.
https://www.usenix.org/conference/srecon17americas/program/presentation/barth
Thanks to those who answered my call from last week’s newsletter to share thoughts around BeyondCorp in your own work. It’s been great to hear about your initiatives, and the challenges you’re facing ahead. I plan to do a more formal writeup of the common questions/comments I’ve been hearing in conversation to start building up a community knowledge base. I’d love to hear from more of you, so feel free to drop me a note.
Here are a few things that caught my eye this past week.
Answering the #1 Question in Identity Management [RSA]
On the topic of identity, a recent study by IDG found that better authentication is a top want for many organizations due to the difficulties in tracking devices and enforcing policies with new users. Google has been able to enforce better security practices with BeyondCorp through a mandate from the top and diligence in tracking users and devices.
Today’s Most Installed Software: Google Chrome, Adobe Reader, Flash Player [Bleeping Computer]
Yet another survey, but one with a single glaring statistic: more than half of active software installs are out of date. Again, better security practices, such as keeping software up-to-date, are a by-product of a BeyondCorp-like system. By enforcing policies when accessing company resources, users will start making better decisions, to the point where it becomes second nature.
Prioritizing Threats: Why Most Companies Get It Wrong [Medium]
Making a bold statement, Michael Davis points out that companies generally focus on single attack surfaces when they should be looking at how things are related to each other. This can be achieved by following potential flows of traffic, and inspecting access controls from one resource to another.
Lessons Learned in Detection Engineering [Medium]
As someone who has really been examining how various companies run their security, Ryan McGeehan shares insight into what he’s found with intrusion detection programs. Here he discusses the relationship between risk and mitigation in terms of monitoring and alerting. Fascinating as always.
Introducing Threat Operations: TO in Action [Securosis Blog]
Closing out his series on threat operations, Mike Rothman puts his theories into action with a hypothetical scenario. The right balance of automated systems and human intelligence leads to more effective workflows and processes to handle extreme situations. Similarly, proper monitoring & alerting mechanisms are crucial to make the right connections.
InfoSec Southwest: Apr 7 - 9, Austin, TX
Rocky Mountain InfoSec Conference: May 9 - 11, Denver, CO
That does it for this week. Check back this time next week for another set of relevant news, articles, and events. Cheers,
Ivan at ScaleFT