Zero Trust Attack Surface Management: Five Easy Steps

October 4, 2021

Zero Trust should be applied to organizational attack surface management (ASM) programs. Kane Lightowler of Palo Alto Networks offers five key steps to deploying effective ASM with Zero Trust.

In May the White House issued an executive order outlining a new Federal Government cybersecurity posture with respect to contractors. One of the key tenets of the order was Zero Trust.

The Zero Trust Architecture security model assumes that a breach is inevitable or has likely already occurred, so it constantly limits access to only what is needed and looks for anomalous or malicious activity. Zero Trust Architecture embeds comprehensive security monitoring; granular risk-based access controls; and system security automation in a coordinated manner throughout all aspects of the infrastructure in order to focus on protecting data in real-time within a dynamic threat environment.

Zero Trust Framework for Attack Surface Management

Zero Trust architecture for traditional networks is well defined, but the model should also be applied to attack surface management (ASM) programs since the attack surface is the foundation for all security deployments. These five steps can guide deployment of a Zero Trust framework for your ASM practice.

Define the Attack Surface

Comprehensive visibility into all known and unknown assets is crucial before you build out any security practice. Without granular visibility into all assets, including constantly changing cloud assets, it’s impossible to ensure attack surface security. ASM solutions provide a comprehensive accounting of internet-connected assets, and this system of record should be the validation method for your Zero Trust processes.

Establish Traffic Flow Monitoring

Traditional Zero Trust architecture employs inside-out monitoring to capture malicious traffic. However, thanks to the increase in ransomware attacks through publicly accessible command and control nodes, it’s also important to monitor malicious communications using an outside-in approach.

Assign Policies

An asset exposed to the internet isn’t dangerous in itself, but it’s a threat when it’s exposed without being monitored. Organizations must define custom policies that keep them secure and agile. Using a central policy engine to globally enforce policies and alert on violations is crucial.

Automate Prioritization and Remediation

An ASM solution shouldn’t just discover issues, it should also automatically assign them for remediation. Without remediation, an organization cannot secure its attack surface.

Continuous Monitoring

Perhaps the most important component of a Zero Trust architecture is the ability to independently and continuously monitor your attack surface. Your ASM solution must be able to alert on exposed assets and also allow you to verify the successful remediation of a risk.

These five steps help organizations answer the important who, what, when, where and how questions critical to securing their attack surfaces.

In the near term, the White House executive order establishes rules governing contractor interactions with federal agencies. But it also shines a light on the path forward for all organizational cybersecurity programs. Attack surface management is a core element of the fight against hackers – today and in the future – and if you don’t have a robust solution in place already, it’s a conversation worth having as soon as possible.

By: Kane Lightowler, Vice President - GTM Cortex | Palo Alto Networks
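
The policy, prioritization and continuous-monitoring steps described above can be sketched in a few lines. This is an added example, not code from the original post or from any vendor product; the inventory, policy table, severity scores, team names and scan results are all constructed for illustration.

```python
from dataclasses import dataclass

# Constructed system of record: known internet-facing asset -> owning team.
INVENTORY = {"203.0.113.10": "web-team", "203.0.113.20": "db-team"}
# Hypothetical central policy: exposed service -> severity (0 means allowed).
POLICY = {"https": 0, "mysql": 8, "rdp": 9, "telnet": 9}
# Constructed outside-in scan results, taken before and after remediation work.
SCAN_1 = [("203.0.113.10", "https"), ("203.0.113.10", "rdp"),
          ("203.0.113.20", "mysql"), ("198.51.100.7", "telnet")]
SCAN_2 = [("203.0.113.10", "https"), ("203.0.113.20", "mysql"),
          ("198.51.100.7", "telnet")]

@dataclass(frozen=True)
class Finding:
    ip: str
    service: str
    severity: int
    owner: str

def evaluate(scan, inventory=INVENTORY, policy=POLICY):
    """Apply the policy to one scan; return violations, highest severity first."""
    findings = []
    for ip, service in scan:
        owner = inventory.get(ip)
        if owner is None:
            # Asset missing from the system of record: top priority, no known owner.
            findings.append(Finding(ip, service, 10, "security-triage"))
            continue
        severity = policy.get(service, 5)  # services not in the policy need review
        if severity > 0:
            findings.append(Finding(ip, service, severity, owner))
    return sorted(findings, key=lambda f: (-f.severity, f.ip, f.service))

def verify(previous, current_scan):
    """Re-check earlier findings against a fresh scan: (remediated, still_open)."""
    observed = set(current_scan)
    still_open = [f for f in previous if (f.ip, f.service) in observed]
    remediated = [f for f in previous if (f.ip, f.service) not in observed]
    return remediated, still_open

if __name__ == "__main__":
    first = evaluate(SCAN_1)
    for f in first:
        print(f"assign sev={f.severity} {f.ip}/{f.service} -> {f.owner}")
    fixed, pending = verify(first, SCAN_2)
    print("remediated:", [(f.ip, f.service) for f in fixed])
    print("still open:", [(f.ip, f.service) for f in pending])
```

A finding is closed only when a later scan no longer observes the exposure, which is the independent verification the continuous-monitoring step calls for.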