KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Thank you. Thank you again. And I'm so glad to be here one more time.
And yes, I have this kind of question. I think during the, this event, some of the people are talking about the zero trust, you know, concepts and something like that. But my idea here is here is try, present, present to you some principles and suggest something about this topic, right? So let me present me. So this is my contact in the linking and some social, social medias. If you'd like to share me, it's good. If you have some questions about the stop and I I'm.
So I would like to talk with you the social medias and I'm talking from Brazil and I'm a pretty support security research in, you know, in, in zoo innovation here in Brazil and I, a research manager in hacker secured as well. Right? So I'm writer too.
And I, I, I write some articles in the best magazine and another magazines in Europe. And in my, in my social medias, we have these kind of informations, right? So this is the, like a agenda summary that we talking during the presentation, what is zero trusted? The principles like, you know, I would like to suggest some architecture, maybe a brainstorm, and what can we do?
Because, you know, we have some ideas. So what we can do with these ideas in this case, in the end, some questions, right? So very simple because actually, I think many people talking are talking during the, the event about this topic is zero trust. So the idea behind the zero trust is, you know, is no one it's, you know, trust basically is very simple explanation, of course, but the idea it's, it's talk about this because in the past we have a VPN or another kind of, you know, secured process in the network or the environment of the company.
But of course, you know, we have now, now the new journey, not the new journey, basically. I think it's maybe the best journey.
You know, the, actually the companies has enterprise environment, but now many companies are born in the, in a cloud, right? So we have a many, you know, serverless infrastructure it's maybe, you know, different to understand sometimes because how it's possible, you know, to, to, to grow a company without, you know, in infrastructure, it, maybe something gets confused, right? So the idea it's talk about some principles during the, during this time.
So first of all, it's, I need to understand about the arch chapter, my check, you know, so the idea is, understand what I have about the users, devices, and their service, how, how this kind of persons or people, not people, because I have a users, I have a devices, I have a service different process inside the company. I need to know about this inside my company. This is the first principle. The second principle is create a single strong user identity. I think it's the main, the main point or the main point here.
When you talk about zero trust, it's very important to understand this point identity. I think it's, this is the, the main point here, because I need to understand if my organization should use a single user directory, or if I need to create accounts that are linked to individuals, how I can create this kind of instructor inside of my company, the third, the third principle it's create a strong device data. Can you see here? You see again, the, the word identity. This is the main point. It's my opinion.
Of course, I, I think it's, we have many other specialists talk about the zero trust, but I think it's identity. It's a very, very, very important point here. Return here. Yes. Each device on it by your organization should bely identifiable and a single device directory. If you see, I put here the reference, because it's very interesting, this kind of project talking about the zero trust, it's open search project, you know, you can, you know, follow this project. You can collaborate off this project is very, very interesting.
I collected this information over there and I, I think it's very, very, very interesting. And I am talking in many conference in Europe, in the us, in Latin America, and basically talking about the open source products. I think it's very interesting when you have this kind of product, because you can, you know, growing with them, you can, you know, building a good, good community and security community, of course. And another principal to, to build this kind of concept is authenticate everywhere, right?
Because of course we have in the middle of the pandemic, you know, and I am in Brazil by the way. And you are in, maybe in Europe, maybe some people are watching us in us, for example.
And, and of course, many companies having been hearing many peoples around the world. So can you see, you need to protect this kind of authentication applications or process. You have a many cloud apps, so you need to protect this kind of application. So if you don't trust, you need, you know, the, as you need to assume that network is holistic, authentic, it's all connections, you know, everywhere. Everyone is untrusted. Basically the, the five, another principle is know the health of your device and the service.
Another, you have a users, you have a device and you have a service because, you know, users, the users using use use the device and inside the device, you have mini service, you know, all those environment are working together, right? So the health is of devices and the service is one of the most important signals to use.
Again, confidence in them. It's very correct. This affirmation because you know, the device and services it's is manipulated from the user, right?
So, and of course, if all those applications are available to the internet, you know, you, you can be vulnerable, right. And another principal is fo you are monitoring on devices and service, right? So this is another principal I importance to the zero trust. So give that the, give the device that device and service are more expos to network attack. And of course, right, because as I mentioned in the traditional, let's talk this form, you know, this way that the traditional check, we have users outside the company, we have a user inside the company.
We have a VPN, like in the middle, like a, a DMZ. And you know, if you are a, a, you know, a threat actor or like a packer, because I don't like to use the hacking name because the hacking is a future. Right? And by the way, I, I am a advocate from the, hacking's not a crime project in the us. And that's our, you know, our idea to talk about the hacking it's future, you know, and the threat actors. So the people do bad things and like attack attack or something.
And if you have your network, you know, open on the internet, because as I mentioned in the pandemic, many people works, you know, works from home. So you need to adapt it to this kind of situation, and you need to protect yourself, protect your company and, and something like that. Right? So that's another, prepo important. Another prepo is set policies according to the value of service or data not. Or in this case, I may, I think it's better used services and data because it's very important.
The, the power of as a trajectory comes from the access policies you define. Perfect. Perfect. Perfect.
Because, you know, do you remember, I, I mentioned identity processes, right? So, but if you have the identity process, you need to apply something above this. It's very simple. What thing you need to apply above this? The policy it's very simple, right? So that's the point here? The policies it's responsible to, you know, like a tell to tell the, the access you can go from, from there, you can go for here and something like that, right.
And another principal is access to your services and data service and data, or again, you know, so each request to a service should be organiz Ze, outide for sorry, against the policy. Perfect. Right. So another very interesting policy, no policy principle, sorry, because again, you need control all the access and the people you can imagine. For example, if I am, I am inside the company, I have the simple access. I need to go to the, any applications.
If I, if I have access in around the environment, the company, if I receive an attack, if, if the attacker has my access, they can, you know, access the company. So because of this, it's very important. Don't trust the network include the local network, very simple and very true principle, right? So in order to remove truth trust from the network, you need to build a trust into device and the service.
I think it's, this is the, the change of mind, you know, because usually the people on trust who works or living outside my company, but in this case, zero trust, I need to talk about the local network inside a network and choose two services, design force for zero trust. Perfect. You need to building you to building this in your environment, right? So some brain stores. So the idea here, when you build this kind of concept, it's, it's my opinion.
Of course, we have a, at two main points here, the context you need to understand the credentials. It's basically talking about the identity because the credentials of the users and the access and the partners, because you have many, you can have many 30 parties to access your environment, right? And you have, you need to set the correct policy and the behavior, right? So usually you have this three forms, the two ways, or, or actually in your environment or inside the environment, you need to prioritize this kind of information, the context, right?
So this is for my opinions in the main point here, I would like to show you some very interesting or very interesting open source tool in infection month. I dunno if you know, but it's very, very interesting because you can build this kind of solution. You can build it. Not really.
You can, you know, produce this kind of in, in controlled environment. You can test it.
It's very, very interesting. I, I printed some informations here because in this tools we have, you can build this environment. You can create some virtual machines, you can attack this kind of machine and you can see the results. You can collect the report and many information. This is information in my environment. I create yes, yesterday night, by the way, right? And then for this presentations. So this is the Mac that I have in my environment. And this is, I can collect the zero trust report.
If you see here, you can see the network, the people that's very important, the devices and the data they, and of course have here the workloads, because all those things it's inside of, you know, zero trust concept. And, and, and this is the main point because I have here in this tools, I think I have the possibility to, to attack this environment. And of course you, if you have this environment map, you can, you know, attack this correctly, the, the correct way, actually. Right?
So, and in the other hand, you have incited this open source, too. It's very, very interesting. You have a attack, basically the information basic in, in, in my attack. So you can see the kind of technique that's this kind of projector or attacker can be used in your environment. Or if you have the, you know, red team inside of your company, you can, you know, make this kind of team using the attack in your environment, and you can test your on zero trust environment, right? So this is the main point. This is another brain store. It's basic, it's based on the beyond Corp.
I think it's the mainly company that is stuck this kind of top. And again, the, the simple, simple concept. It's I have an access process responsible to just control.
I, I have the access control engine to, you know, to manage this kind of access. This is another interesting point. I put in many reference here that you can use here and other, but this is the pre a private company. It's a checkpoint, but the concept, this is the, the main idea here is to show you.
I have, in some of them, I have a devices, I have a people, I have a data and a network, and I have a workload. The idea of the zero trust is to see all those things and to, into, you know, guarantee the true access to the everywhere or the every people. Right. But you need to set the correct policy for everyone, right? So you can do, I think it's the same case here.
We, I can show you the DCP cloud and, and Google cloud, by the way, you have, you can use the cloud identity to, to come to set in some configurations, you can use it, point verifications, setting the browser. For example, you can collect some information of the, the endpoint you can collect, for example, the system operation and another informations you can comfortable if the access context manager that you have inside the GCP cloud, and you can set the, the IAP, right?
So the, the main access is to control the policies and here, of course you have the date. And then it's very interesting if you have another manager or, or logging manager, you know, and, but Phillip, I don't like to work with Google. No worries. You have another possibility to use it. The also keeper, for example, this is open services. It's another open source tool used to, to create this kind of access process. This is the main point, the response for, you know, to control the access, any the people using a lot in the, the cake log.
It's another open steps too, to responsible to create the authentication processes, right? And here, this is the main point to build this identity, where process, this is the mainly responsible to generate or, or to control, not generate to control the access. Right? So here it's some components it's very interesting on Google again, right? So in ation agent that captures and send user devices and personal data to the, this a I P right. And you can use the access context manager. This is responsible to, to have the policy manager, right?
The identity aware proxy is responsible, you know, to, to reside who can access the application. In a, as I mentioned, I, I need to have the centralizing log to centralize and store logs from the company. Right. And I finished my presentation here. I think it's, we don't have more time to question, but if you have I'm open here and again, thank you for this time.
