LISA16: Zero Trust Networks: Building Systems in Untrusted Networks
Speaker: Evan Gilman, PagerDuty, Inc.
Abstract: Let’s face it—the perimeter-based architecture has failed us. Today’s attack vectors can easily defeat expensive stateful firewalls and evade IDS systems. Perhaps even worse, perimeters trick people into believing that the network behind it is somehow “safe,” despite the fact that chances are overwhelmingly high that at least one device on that network is already compromised.
It is time to consider an alternative approach. Zero Trust is a new security model, one which considers all parts of the network to be equally untrusted. Taking this stance dramatically changes the way we implement security systems. For instance, how useful is a perimeter firewall if the networks on either side are equally untrusted? What is your VPN protecting if the network you’re dialing into is untrusted? The Zero Trust architecture is very different indeed.
In this talk, we’ll go over the Zero Trust model itself, why it is so important, what a Zero Trust network looks like, and what components are required in order to actually meet the challenge.
via YouTube https://youtu.be/TI9Y1LWxjt4