I've been working through the second edition of the Cybersecurity Architect's Handbook's "secret menu" one domain at a time...the controls that still mean something after everything else has fallen. This installment does something different...it looks down at the ground all of them are standing on.
Every control we design as architects ultimately serves one of two questions. Who is allowed to do what — and is the data still protected ... Access control answers the first. Data protection answers the second. Together they form the innermost ring of a defense-in-depth architecture...
Every query a device makes is a statement of intent — what it wanted to reach, when, and how often — and once you're logging them, you're no longer just blocking bad names. You're watching behavior....
Before we get into the core of the article — a quick, time-bound note. Packt is sponsoring a giveaway on my LinkedIn channel...This post moves to the first place that thinking touches wire: Category 2, Network Security Controls...
In the last post I gave you the tour — the foundational labs, the eight operational categories...So let's start where the whole discipline starts: Category 1, Threat Modeling and Risk Assessment.
In the last post, I jumped straight to the top of the spire — the AI Security Automation capstone. But a capstone, by definition, sits on top of something. You can't appreciate the spire if you've never seen the cathedral....
The Second Edition of the Cybersecurity Architect's Handbook: An Architect's Guide to Designing, Building, and Defending the Modern Enterprise is now available for pre-order on Amazon.
Packt's $9.99 eBook sale, which runs only until Monday, June 30.
This is your chance to get my book, Cybersecurity Architect's Handbook, at a reduced price. They only do this at certain times of the year...