Integrity: A Key Facet of Zero Trust

4 years ago Maurice Uenuma

On May 12, the White House published its Executive Order (EO) on Improving the Nation’s Cybersecurity. The directive outlined a set of focus areas intended to improve cybersecurity for the federal government and critical infrastructure sectors, including information sharing, supply chain security, endpoint detection and response, and cloud security.

Of particular emphasis was the need for broad implementation of Zero Trust Architecture (ZTA), a set of design principles intended to continuously revalidate the authenticity and authorization of persons, devices, and services, assuming a “deny-by-default” approach to security given the deterioration of any defensible perimeter in enterprise networks. It explained, “The Federal Government must … advance toward Zero Trust Architecture.” It went on to note how Federal Civilian Executive Branch (FCEB) agencies must “develop a plan to implement Zero Trust Architecture, which shall incorporate, as appropriate, the migration steps that the National Institute of Standards and Technology (NIST) within the Department of Commerce has outlined in standards and guidance.”

That last part refers specifically to NIST’s Special Publication (SP) 800-207, a document which identified seven basic tenets of zero trust. One of those principles stood out to us here at Tripwire. It reads as follows: “The enterprise monitors and measures the integrity and security posture of all owned and associated assets.”

This makes perfect sense, as Zero Trust is fundamentally about the continuous revalidation of the trustworthiness of the connecting entity in an enterprise environment. Trustworthiness, in turn, is based on integrity, and integrity is only possible through continuous efforts to maintain it. For any connecting entity, integrity is maintained through faithful monitoring to ensure a desired and secure state.

Integrity of systems is a central part of what Tripwire works to ensure on a daily basis. It uses File Integrity Monitoring (FIM) to determine when files change, how they change, who changes them, and what actions someone can take to reverse unauthorized and/or suspicious modifications. However, we haven’t discussed integrity in the context of Zero Trust before. Let’s do that now.

The Nine Applications of Integrity for Zero Trust

Security teams can use integrity to assign trustworthiness in their employer’s environments. There are nine areas where they can focus their integrity initiatives. These are as follows:

  • System Integrity helps security teams to protect their critical assets against unauthorized changes using security controls such as FIM, secure configuration management (SCM), and vulnerability management (VM).
  • Data Integrity prioritizes efforts that protect against data corruption events. This includes data backups, encryption, and Identity and Access Management (IDAM).
  • Security Control Integrity enables security teams to capture a snapshot of their systems’ security controls and compare them to industry-leading standards such as the Center for Internet Security’s Critical Security Controls (CIS Controls), the Payment Card Industry Data Security Standard (PCI DSS), and the Health Insurance Portability and Accountability Act (HIPAA).
  • Network Integrity focuses on ensuring the reliability of network connections and protecting data as it travels across the network. To ensure this type of integrity, security teams can use firewalls, network-based Intrusion Detection Systems (IDS), secure remote access, and Virtual Private Networks (VPNs).
  • Database and Application Integrity involves determining which applications are running in an organization’s infrastructure. With that knowledge, security teams can determine how those applications are configured so that they can create behavior baselines and monitor for deviations.
  • Firmware Integrity operates similarly to Database and Application Integrity in that it empowers security teams to visualize and manage their firmware’s configurations so that they can defend against potential compromises.
  • Physical Integrity emphasizes the use of access controls, security monitoring, and other measures to protect critical assets against hazards such as fires, floods, earthquakes, and electric power interruptions.
  • Process Integrity upholds the notion of bringing all security processes together into a holistic approach. It leverages Security Incident and Event Management (SIEM) as well as a Security Operations Center (SOC) to integrate those security controls.
  • People Integrity focuses on trusting individuals who are authorized to access Information Technology (IT) and Operational Technology (OT) systems, interact with data, and oversee corporate security efforts. It does this via security awareness training, behavior analytics, and other controls.

Concrete Examples of Integrity’s Applications in Action

Let’s examine what some of integrity’s applications might look like in action. First, there’s Network Access Control (NAC). With Network Integrity, Physical Integrity, and other applications at its center, NAC allows security teams to limit instances of access based upon identity, vulnerability risk, configuration, and other properties. It thereby gives personnel a means to validate every potential network connection, which is one of zero trust’s foundations.

Micro-segmentation is another use case for integrity in the context of zero trust. This particular security control accounts for the possibility that an attacker could compromise an endpoint or leverage a hacked account to gain access to the network. With micro-segmentation, security teams can segment and isolate workloads to direct their security efforts and make access decisions. It thereby helps to prevent malicious actors from abusing a foothold to move laterally across the entire corporate network.

An important part of preventing a compromise in the first place is to ensure that a targeted system is in a desired, secure state. By applying Secure Configuration Management (SCM), systems are “hardened” to reduce the risk of compromise. Taking this a step further, continuous monitoring through FIM alerts security teams to changes in the configuration of systems that may cause them to deviate from a desired (or compliant) state. The FIM capability also serves an important function as an intrusion detection trigger, alerting teams to a potential compromise.

Finally, integrity factors into what’s known as a Trust Policy Engine. This is where security teams evaluate both ends of a requested connection for trustworthiness and present the other side’s trust score to each party. Depending on those scores, those assets’ respective Trust Policies will either approve or reject the connection request.
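The FIM and Trust Policy Engine ideas above can be tied together in a small sketch. This is an added example, not Tripwire's code or product logic: it hashes a monitored file against an approved baseline, derives a trust score from the drift, and lets each side's policy judge the other side's score. The scoring rule, thresholds, and sample file are assumptions made for illustration.

```python
import hashlib
import os
import tempfile


def snapshot(paths):
    """Map each monitored path to its SHA-256 digest (None if the file is gone)."""
    state = {}
    for path in paths:
        try:
            with open(path, "rb") as fh:
                state[path] = hashlib.sha256(fh.read()).hexdigest()
        except FileNotFoundError:
            state[path] = None
    return state


def drift(baseline, current):
    """Paths that no longer match the approved baseline (modified or deleted)."""
    return sorted(p for p in baseline if current.get(p) != baseline[p])


def trust_score(baseline, current):
    """Assumed scoring rule: start at 100, lose 40 per drifted file, floor at 0."""
    return max(0, 100 - 40 * len(drift(baseline, current)))


def evaluate_connection(a, b):
    """Each side's policy is shown the OTHER side's score; both must approve."""
    return b["score"] >= a["min_peer_score"] and a["score"] >= b["min_peer_score"]


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        cfg = os.path.join(tmp, "sshd_config")  # constructed sample file
        with open(cfg, "w") as fh:
            fh.write("PermitRootLogin no\n")
        baseline = snapshot([cfg])  # approved, hardened state
        server = {"score": 100, "min_peer_score": 80}  # assumed thresholds
        client = {"score": trust_score(baseline, snapshot([cfg])), "min_peer_score": 50}
        allowed_before = evaluate_connection(client, server)
        with open(cfg, "w") as fh:
            fh.write("PermitRootLogin yes\n")  # unauthorized change
        current = snapshot([cfg])
        client["score"] = trust_score(baseline, current)
        allowed_after = evaluate_connection(client, server)
        return allowed_before, len(drift(baseline, current)), client["score"], allowed_after
```

Calling `demo()` shows the connection approved while the client matches its baseline and rejected once the configuration file drifts, because the server's policy requires a higher peer score than the client can still present.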

A Foundation of Zero Trust

To learn more about how integrity facilitates zero trust, please download your copy of Tripwire’s whitepaper here: https://www.tripwire.com/misc/building-a-foundation-for-zero-trust.  

The post “Integrity: A Key Facet of Zero Trust” appeared first on TripWire

Source: TripWire – Maurice Uenuma
