Discover and read the best of Twitter Threads about #zerotrust

Most recents (6)

I've got trust issues. We all do. Some infosec pros go so far as to say #TrustNoOne, a philosophy more formally known as #ZeroTrust, that holds that certain elements of your security should *never* be delegated to *any* third party. 1/
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

pluralistic.net/2022/11/09/inf… 2/
The problem is, it's trust all the way down. Say you maintain your own cryptographic keys on your own device. How do you know the software you use to store those keys is trustworthy? Well, maybe you audit the source-code and compile it yourself. 3/
Read 69 tweets
IMO #DevSecOps has a close-knit relationship with #ZeroTrust. Let's dive in with a 🧵
I've already tried to cover ZeroTrust as a summary here 👇2/
The way I see it, both the identity and policy aspects of ZeroTrust require/can do with a solid "shift left" approach of being able to incorporate identity and policy checks in the build/deployment flows. 3/
Read 7 tweets
Ok, so here's my take and recommendations from Identity Security lens on the #log4j2 vuln impact for #zerotrust and #AzureAD. TLDR: It's time for "EXTREME ZT: LPA ALL THE THINGS!" <thread>
The simple fact is that for whatever reason, we're getting an amazing look at what happens when responsible disclosure doesn't go to plan and the attackers and the defenders get vuln info at the same time. As a defender, you are certainly in a deep assessment/patching phase...
But you have a super complex environment evolved over years. All of your endpoints, all of the apps you depend on, all of your IoT devices, OT devices, etc. are potentially vulnerable and being probed for impact... and even you aren't sure where log4j2 has been used.
Read 24 tweets
The digital RMB or China’s new CBDC is the single largest threat to the free world TODAY. China intends to exert its digital authoritarianism world-wide with this Trojan horse of an AI “currency”. It’s a cancer that MUST be banned at all costs. @ABlinken 1/3
I will be expanding our views on this situation in the coming weeks. Imagine China being able to control the thoughts and actions of everyday Americans, Brits, Germans, Japanese...this will make private crypto a SIDESHOW. It’s time to focus and discuss now because China has 2/3
Moved forward it’s launch by almost an entire year due to their surveillance operatives unearthing plans being made to stop it in its tracks. This is the open battlefield for the rules-based order. #trojanhorse #DigitalRmb #Bitcoin #cryptocurrency #ZeroTrust
Read 4 tweets
So your new to #Signal, and want to be secure as humanly possible?

How do you make it more #ZeroTrust

Let's begin

1. Turn on Screen Lock and Incognito Keyboards so that your sessions are just yours an not anyone else.

Removing the compromise option is the goal here.
#Signal Messenger is a messaging client just like any others, automatic downloading of video and audio are a big no no, unless you actually have AV and Malware STIGS in place

Always ensure you manually chose what files are downloaded to your device.
#Signal actually is prepared for the Regulatory Compliance market was it maintains #COOP and #DRP options.

By ensuring an encrypted backup is done you don't have to "icloud" your privacy away.
Read 6 tweets
1 of 8: On our journey to a #ZeroTrust #cybersecurity model, @Akamai is helping customers get there with us. How many of these 7 steps are you taking to adapt to a world of #ZeroTrust? (thread follows)
1. Provide users with application-only access, not network access—on a need-to-know basis, based on user identity, device posture, authentication and authorization
2. Eliminate the ever-growing list of holes punched in your firewall that expose your network infrastructure to the public internet. If malicious actors can’t find your network, they can’t attack it.
Read 8 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!