Review: Practical Security Architecture

Adam Shostack

” Similarly, everybody has both enterprise and product architecture. I have to say that because “architecture” is much maligned for being heavyweight, disconnected, and irrelevant in today’s world of Dev-Opsy CI/CD moving fast and breaking things.

Hairpinning: The Bottleneck in Most Secure Web Gateway Architectures

Security Boulevard

The Bitglass SmartEdge SWG architecture uniquely addresses these concerns in several ways. The post Hairpinning: The Bottleneck in Most Secure Web Gateway Architectures appeared first on Security Boulevard.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

NCSC on Good Architecture Diagrams

Adam Shostack

The UK’s National Computer Security Center has a blog post on Drawing good architecture diagrams. threat modeling

Designing and Building a Security Architecture

Security Boulevard

A security architecture is an opportunity to work across projects in a consistent, systematic and structured. The post Designing and Building a Security Architecture appeared first on Security Boulevard.

Case Study: High Security Architecture for Healthcare Networks

Security Boulevard

We recently worked with one of the largest hospitals in Canada to enhance their Privileged Access Management strategy as they adopted a new, high-security architecture. The team set up an architecture in which one Distributed Engine handles the Tier 0 systems and the other Tier 1.

The Rise of Telemetry Architecture

Cisco Security

It is infrastructure for your telemetry so that you can go about putting together an architecture that serves your digital business. The Cisco Telemetry Broker is required infrastructure for a healthy telemetry architecture.

Strengthening Zero-Trust Architecture

Dark Reading

Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries

Service Oriented Architecture and Security

Doctor Chaos

Written by Mike Oliver LinkedIn: https://www.linkedin.com/in/mikeolivero4bo Website: [link] So what does Security, Cyber Crimes, Denial of Service, and other Security Concerns have to do with a Service Oriented Architecture? Does having a Service Oriented Architecture translate into having a more secure enterprise? Certainly having an Enterprise Architecture can translate into better security […].

NSA Releases Guidance on Zero-Trust Architecture

Dark Reading

A new document provides guidance for businesses planning to implement a zero-trust system management strategy

Hairpinning: The Bottleneck in Most Secure Web Gateway Architectures

CyberSecurity Insiders

The Bitglass SmartEdge SWG architecture uniquely addresses these concerns in several ways. The post Hairpinning: The Bottleneck in Most Secure Web Gateway Architectures appeared first on Cybersecurity Insiders

Containers require good architecture

InfoWorld on Security

Gartner is predicting growing container adoption by 2023, believe it or not. Are you sitting down? Data from its survey shows a surge in containerization of applications (and data).

Threat Model Thursday: Legible Architecture

Adam Shostack

What’s the legible architecture of a system? One of the advantages that cloud architectures bring is the opportunity to sweep away some of that historical complexity, and to create comprehensible models. That simplification carries value in terms of architectural consistency, makes it easier to impose checkpoints, and will be augmented over time with the accretion of complexity, inflexibility and eventually need to be swept away itself.

How Zero Trust architecture improves the organization’s network security

CyberSecurity Insiders

The post How Zero Trust architecture improves the organization’s network security appeared first on Cybersecurity Insiders. This blog was written by an independent guest blogger. In the cybersecurity field, Zero Trust is becoming a widely used model.

Taking Steps Toward an Impactful SASE Architecture

Security Boulevard

The post Taking Steps Toward an Impactful SASE Architecture appeared first on Security Boulevard. Given the complexity of digitization initiatives for most companies over the last decade, the world has grown acutely aware of how crucial good cybersecurity is for business health.

The Architectural Mirror (Threat Model Thursdays)

Adam Shostack

I last discussed this in “ Architectural Review and Threat Modeling “ ). A few weeks ago, I talked about “ reflective practice in threat modeling “, thinking about how we approach the problems we face, and asking if our approaches are the best we can do. Sometimes it’s hard to reflect. It’s hard to face the mirror and say ‘could I have done that better?’ ’ That’s human nature.

3 cloud architecture mistakes we all make, but shouldn’t

InfoWorld on Security

So, if mistakes are a natural byproduct of creating a good and innovative new architecture, then it’s time to look at the mistakes that are made most often. For cloud architectures, those mistakes should be understood by now and avoided.

Processor Morphs Its Architecture to Make Hacking Really Hard

Dark Reading

Researchers create a processor that uses encryption to modify its memory architecture during runtime, making it very difficult for hackers to exploit memory-based vulnerabilities

Webinar featuring IDC’s Mark Leary: Make your IT operations future-proof with the Branch of One architecture

Security Boulevard

The post Webinar featuring IDC’s Mark Leary: Make your IT operations future-proof with the Branch of One architecture appeared first on ManageEngine Blog. At the start of the pandemic, IT organizations had to undergo radical changes to support remote work.

Why Companies Do Need Enterprise Architecture at Downturn?

Doctor Chaos

Like a set of reference architectures, which in practice turn to be 80% different from architectures of previously deployed solutions or a […]. Written by Mike Oliver LinkedIn: https://www.linkedin.com/in/mikeolivero4bo Website: [link] Take it or leave it, but often EA is often referred to as a lengthy initiative with very unclear and practically not very applicable results.

AttackIQ Announces Major Platform Innovations to Bolster Informed Defense Architecture

Security Boulevard

–(BUSINESS WIRE)–AttackIQ®, the leading independent vendor of Breach and Attack Simulation (BAS) systems, today announced a series of technology innovations to the AttackIQ Informed Defense Architecture (AIDA).

Collaboration is key to a secure web application architecture

Security Boulevard

TechTarget recently ran an interview with "Web Application Security" author Andrew Hoffman, who explained the importance of a secure web application architecture and how to achieve it through collaboration between software and security engineers.

Unique P2P Architecture Gives DDG Botnet ‘Unstoppable’ Status

Threatpost

Malware Web Security analysis cryptomining ddg botnet Monero netlab 360 P2P peer to peer unique architecture unstoppableDDG might be the world's first P2P-based cryptomining botnet.

Building a scalable RAVPN architecture in Oracle Cloud Infrastructure using Cisco Secure Firewall

Cisco Retail

With Cisco Secure Firewall, organizations are able to build a scalable RAVPN architecture on OCI, providing employees secure remote access to their organization’s resources from any location or endpoint. In this architecture, we have deployed multiple firewalls in multi-availability domains.

What's Your Cybersecurity Architecture Integration Business Plan?

Dark Reading

To get the most out of your enterprise cybersecurity products, they need to work together. But getting those products talking to each other isn't easy

The Theory and Motive Behind Active/Active Multi-Region Architectures

Security Boulevard

The post The Theory and Motive Behind Active/Active Multi-Region Architectures appeared first on Security Boulevard. The date was 24th December 2012, Christmas eve. The world’s largest video streaming service, Netflix experienced one of its worst incidents in company history.

Creating a Defensible Security Architecture

Dark Reading

You'll be able to layer in multiple prevention and detection solutions and have a highly effective security architecture Take the time to learn about your assets.

Threat Model Thursday: Architectural Review and Threat Modeling

Adam Shostack

For Threat Model Thursday, I want to use current events here in Seattle as a prism through which we can look at technology architecture review. Let’s transition from the housing crisis here in Seattle to the architecture crisis that we face in technology. The meeting took not five whole minutes to go off the rails with suggestions about non-cryptographic architecture.

Retrieve Process Run-time Architecture on Apple Silicon Macs On The Command Line with `archinfo`

Security Boulevard

Activity Monitor can show the architecture: but command line tools such as ps and top do not due to Apple hiding the details of the proper sysctl() incantations.

BSides Calgary 2020 – Jason Maynard’s ‘Security Can Do Better: Think Security Architecture’

Security Boulevard

The post BSides Calgary 2020 – Jason Maynard’s ‘Security Can Do Better: Think Security Architecture’ appeared first on Security Boulevard.

BrandPost: Network Security and the Heart of a Zero Trust Architecture

CSO Magazine

The heart of any Zero Trust Architecture (ZTA) is an authorization core involving equipment within the control plane of the network that determines this confidence and continually evaluates confidence for every request.

The Key Components and Functions in a Zero Trust Architecture

Thales Cloud Protection & Licensing

The Key Components and Functions in a Zero Trust Architecture. Zero Trust architectural principles. NIST’s identity-centric architecture , I discussed the three approaches to implementing a Zero Trust architecture, as described in the NIST blueprint SP 800-207.

3 cloud architecture secrets your cloud provider won’t tell you

InfoWorld on Security

Do you have an optimized architecture? So, here are three cloud architecture secrets that you’ll never hear from your cloud provider: To read this article in full, please click hereThis means that your solution maximizes efficiency and minimizes costs.

Finding Beauty In The Architecture

Threatpost

A good appreciation and respect for good real-world architecture goes a long way when it comes to architecting resilient systems. Hacks InfoSec Insider Web Security AWS Comcast customer premise equipment datacenter DDoS Global Traffic Management load balancers

The Security Checklist for Designing Asset Management System Architectures

Heimadal Security

The post The Security Checklist for Designing Asset Management System Architectures appeared first on Heimdal Security Blog. In a previous article, I have broached the topic of Software Asset Management and how it consociates with IT Asset Management.

BSidesNoVA 2021 – Rich Wickersham’s, David Martin’s, Dan Higham’s And Robert Lowe’s ‘Panel: Cyber Engineering & Architecture’

Security Boulevard

The post BSidesNoVA 2021 – Rich Wickersham’s, David Martin’s, Dan Higham’s And Robert Lowe’s ‘Panel: Cyber Engineering & Architecture’ appeared first on Security Boulevard. Our thanks to BSidesNoVA for publishing their outstanding videos on the organization's YouTube channel. Permalink.

Zero Trust 2.0: NIST’s identity-centric architecture

Thales Cloud Protection & Licensing

NIST’s identity-centric architecture. In August, the National Institute of Standards and Technology (NIST) released its blueprint for establishing a Zero Trust security architecture, NIST SP 800-207. Zero Trust 2.0: madhav. Fri, 12/04/2020 - 05:15.

10 tips for securing microservice architecture

Tech Republic Security

Microservices are subcomponents of applications which can yield greater efficiencies. Learn about their benefits as well as security best practices

Where to Find Security Holes in Serverless Architecture

Dark Reading

Serverless architectures take away business responsibility for server management, but security should still be top of mind

Fairhair Alliance Building IoT Security Architecture

Dark Reading

A group of companies in the building automation and IoT space is working for a coherent security architecture that incorporates multiple standards

The Network is Key to Securing the Everywhere Perimeter

Security Boulevard

Cybersecurity Endpoint Mobile Security Network Security Security Boulevard (Original) distributed architecture perimeter stealth networking virtual network overlays

Transform your Architecture for the Cloud with MVISION UCE and SD-WAN

McAfee

“Features are a nice to have, but at the end of the day, all we care about when it comes to our web and cloud security is architecture.” – said no customer ever. The Cloud and the Architectural Dilemma. Build a Cloud-Ready Network Security Architecture Today.

Feedify cloud service architecture compromised by MageCart crime gang

Security Affairs

The post Feedify cloud service architecture compromised by MageCart crime gang appeared first on Security Affairs. MageCart cyber gang compromised the cloud service firm Feedify and stole payment card data from customers of hundreds of e-commerce sites. MageCart crime gang appears very active in this period, payment card data from customers of hundreds of e-commerce websites may have been stolen due to the compromise of the cloud service firm Feedify.

Architectural Analysis IDs 78 Specific Risks in Machine-Learning Systems

Dark Reading

The new threat model hones in on ML security at the design state