Zero Trust: Stopping Insider Threats скачать в хорошем качестве

Zero Trust: Stopping Insider Threats

Insider threats are one of the most challenging cybersecurity issues to detect and prevent. In this video, we dive deep into the different types of insider threats and explore effective strategies to stop them using SSHepherd. According to CISA's Zero Trust principles, we must assume our network has already been compromised. This adversary could be a disgruntled employee, a contractor with remote privileges, or an external actor who has infiltrated the network, possibly through a phishing attack. Our adversary is now a rogue insider. We'll walk you through a typical insider threat scenario and demonstrate how SSHepherd protects your network: Scenario 1: A rogue insider uses tools like Nmap to scan the network and Hydra to crack passwords. Scenario 2: SSHepherd in action - ports are invisible to the rogue insider, rendering scanning tools ineffective. Scenario 3: Even when the rogue insider is a SSHepherd user, we show how integration with Splunk can stop unauthorized activities in real-time by terminating their sessions. Watch as we demonstrate the workflow, from detecting unauthorized applications with Splunk to terminating rogue sessions on both Linux and Windows environments. See how SSHepherd’s integration with Splunk provides a robust defense mechanism within the Zero Trust framework, ensuring least privilege, role-based access control, session monitoring, and termination of unauthorized activities. Timestamps: 00:00 Insider Threats 00:15 Types of Rogue Insiders 00:30 Process that Rogue Insiders Implement 00:50 Scenario 1 - Rogue Insider Process 01:16 Scenario 2 - Rogue Insider and SSHepherd 01:31 Scenario 3 - Splunk and SSHepherd 02:12 Demo on Ubuntu running Nmap 03:36 Demo on Windows running Zenmap 04:29 Zero Trust and SSHepherd For more information or to request a demo, visit us at www.fullarmor.com.