1 hour 17 minutes
Hello and welcome back. We've got some learning objectives to go over with the next section,
and in this next section we're gonna focus on the fundamentals of zero trust. We'll also take a look at client-initiated attacks
and also pivoting on a traditional network.
So stay tuned. Thanks for being here.
The big fundamentals.
I love this title
as a basketball sports fan. I loved watching the Los Angeles Lakers face off against the San Antonio Spurs.
Shaquille O'Neal, or Shaq as most of us refer to him, would always refer to San Antonio Spurs power forward Tim Duncan
as the big fundamentals,
and it was such a contrast in style between the two teams.
The Lakers had a lot of flash, and the Spurs had great ball movement that
had the ability to allow them to execute with precision.
And so the Spurs were able to put the ball in everyone's hands before a shot was taken,
and the Lakers primarily depended on Shaq or their other perennial all-star, Kobe Bryant.
And when I think about the Spurs and how they play the game of basketball, it was always the fundamentals that kept them in the championship conversation.
And now, much like the San Antonio Spurs, you must go back to the basics and look closely at how the game is being played, from how our workforce works and how our adversaries operate. It's not enough that we purchased the best perimeter firewall when our workforce is mobile
and bring your own device, or BYOD,
is coming to every organization. Now, with cloud adoption quickly winning the hearts and minds of our business leaders,
we have to go back to the fundamentals.
So let us take a look at the fundamentals that make up the zero trust model
and why it's so appealing for our security professionals and information technology professionals in general.
We have: the network is always assumed to be hostile.
The external and internal threats exist on the network at all times.
Network locality is not sufficient for deciding trust in the network.
Every device, user and network flow must be authenticated and authorized,
and policies must be dynamic and calculated
from as many sources of data as possible.
Fundamental number one: the network is always assumed to be hostile.
We want to secure systems with strict security measures, no matter what zone they're residing in
or what purpose they serve.
And why do you think that is?
Well, think about this.
The networks of the past didn't require Internet
access to provide functionality to its employees. But in today's networks, more services are hosted in the cloud and are moving away from our own data centers.
And when I talk about the past, I'm really referring to like the sixties and seventies, when the Internet wasn't such a commodity. It wasn't something that was a household benefit or even available to all businesses, right?
You know how many of us pull up at a drive-through
and before you leave, you check your bags to make sure you have all that you ordered?
If you've done that, you're essentially performing SSL inspection, right? You know, when that cashier smiles at me and says, "It's all there, have a nice day," I smile back. But I open my bag and I move the contents in the bag around to make sure
it's the way it is and not the way I see it or the way they see it.
You know, some of you may wait until you get in the car before you start your SSL inspection, but not me, right? So we're learning that good services will open your bags and review the order with you.
It's that kind of attention to detail that zero trust models will bring to your network.
So in this slide, we got a hostile takeover.
So we want to see
this client initiated attack that creates connections.
And some of you, if not all of you probably have heard of the term reverse shell.
Now, a reverse shell is what we see with this visual.
You know, this type of attack is commonplace and can be very successful at bypassing perimeter firewalls due to reduced or relaxed outbound security. See, our adversaries
are very good at masquerading the phone home as normal web traffic.
So networks don't want to break the business with stringent outbound security
for their users. And what we see due to our conditioning about how we treat network zones,
is that outbound security is much tighter in our DMZ
and other zones that are relatively closer to the Internet.