Introduction and Summary

The DevOps way of working creates great business value for companies. It also creates new requirements, challenges, and opportunities for the cybersecurity practice, which is evolving towards what is often called DevSecOps. …


Background

Managing IT, especially risk and security, is difficult and costly. There is a constant struggle, and the main solution seems to be to throw more manpower at the problem. However, there are two issues with this solution: 1) finding and keeping competent people is not easy, and 2) the IT…


Internet — Description

The “Internet” attack vector is always relevant to consider unless the architecture has no connection whatsoever to the outside world, that is, unless it is protected by a so-called “air gap”. (Air gaps can be overcome by attackers as well, but we will look at that situation separately.)


Phishing — Description

In the previous section, we looked at an attack coming from the Internet, via a firewall with an unknown rule set. The Phishing attack scenario also comes from an external/foreign network zone, but makes use of the fact that the attacker has managed to trick…


Insider/Burglary - Description

As mentioned, an air gap attack might be far-fetched, since not many network architectures are actually air-gapped, and the situations where they really are air-gapped are quite rare. However, understanding the discussion around the air gap often helps when discussing other situations in which malicious software arrives inside a network zone…


Air Gap — Description

An air gap attack is an attack that travels into a network architecture even though it is isolated, network-wise, from the rest of the world. To succeed with such an attack, a piece of malware needs to be brought into the internal network environment more or less by hand…


Additional Gateways — Description

What I mean by “additional gateways” is when a host inside the architecture opens an extra gateway to external networks like the Internet. Depending on the configuration of the workstations, this might be possible. This might happen, for instance, when employees like office users or…


What is Threat Modeling?

While there is no single industry-wide definition, Threat Modeling can be summarized as a practice for proactively analyzing the cybersecurity posture of a system or system of systems. Threat Modeling can be conducted both in the design/development phases and for live system environments. It is often referred…

Iza Hedlund

Developer at foreseeti
