SAFE-T; A Progressive Approach To Zero Trust Access

SAFE-T; A Progressive Approach To Zero Trust Access

The foundations that support our systems are built with connectivity and not security as an essential feature. TCP connects before it authenticates. Security policy and user access based on IP lack context and allow architectures that exhibit overly permissive access. Most likely, this will result in a brittle security posture ... Read More

Multi-Cloud Design: The Priority Focus Should be on Application Security, Part 2

| | articles, Web Security Zone
This is part-2 of a 2 part series that discusses the risks involved for application security in the new multi-cloud environments. This part introduces the requirements for multi-cloud, the types of multi-clouds and the risks they transport to application security. Requirements for multi-cloud So why is there a need for ... Read More

Multi-Cloud Design: The Priority Focus Should be on Application Security, Part 1

| | articles, Web Security Zone
This is part 1 of a two part series that discusses the risks involved for application security in the new multi-cloud environments. This part introduces cloud threats to the application, different types of cloud types and finally the latest multi-cloud design. Introduction The World Wide Web (WWW) has transformed from ... Read More

Preparing for Artificial Intelligence (AI) DDOS Attacks, Part 2

This is part-2 of a 2 part series that discusses the evolution from human to machine based DDoS attacks. It specifically delves into how to prepare for such attacks while keeping low positives and negatives to industry standard low. The Evolution of DDoS In the early 2000’s, we had simple ... Read More

Artificial Intelligence (AI) used in DDOS Attacks

This is part-1 of a 2 part series that discusses the use of Artificial Intelligence (AI) to compromise web applications. This part introduces the concept of AI and its use for destruction by cybercriminals. The speed at which cybersecurity has evolved over the last decade has taken everyone by surprise ... Read More

Sail Smooth with Cloud Threats, Part 2 – Cloud APIs

This is part-2 of a 2 part series that continues to discuss cloud threats and how they affect web applications in the cloud. The following addresses insecure API’s and Management Plane, deepening the threat landscape. Management Plane – Security Perspective The cloud API management plane is one of the most ... Read More

GDPR: Data Controllers Be Prepared

As we delve deeper into the digital world of communication, from the perspective of privacy, the impact of personal data changes in proportion to the way we examine security. As organizations chime in this world, the normal methods that were employed to protect data have now become obsolete. This forces ... Read More

Sail Smooth with Cloud Threats – Cloud Security Issues

This is part-1 of a 2 part series that introduces the cloud and the types of threats and cloud security issues that opens the web application to compromisation. The following post addresses hypervisor breakouts, also known as VM escape. Cloud Introduction Cloud computing is the technology that equips the organizations ... Read More
The Evolving Security Paradigm, Part 2

The Evolving Security Paradigm, Part 2

This post is part 2 of a two-part series that addresses the rapid changes in security paradigms. The change to security not only affects operation, it increases the level of complexity in security designs. The following post discusses the history of security paradigms and the challenges that arise from their ... Read More
The Evolving Security Paradigm, Part 1 – History of Firewalls

The Evolving Security Paradigm, Part 1 – History of Firewalls

This post is part 1 of a two-part series that addresses the rapid changes in security paradigms. Driven by the need to satisfy new requirements and keep pace with the digital world greatly impacts the level of security. The following post introduces the history of firewalling and security paradigms. Introduction ... Read More