home.social

#leastprivilege — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #leastprivilege, aggregated by home.social.

  1. New NIST Zero Trust Guidance Alert!

    Looking to implement zero-trust architecture (ZTA) but unsure where to start? NIST just released SP 1800-35, offering 19 real-world examples of zero-trust implementations using commercial, off-the-shelf tech.

    Built with 24 industry collaborators over four years, this detailed playbook bridges the gap between theory and practice.

    Key takeaways for your organization:
    • Map your ZTA to the NIST Cybersecurity Framework
    • Start with what you have — identify existing tech
    • Roll out incrementally: identity, MFA, access controls
    • Validate and monitor continuously
    • Treat ZTA as a journey, not a one-and-done project

    Read the article for advice on your zero-trust journey: darkreading.com/endpoint-secur

    #ZeroTrust #Cybersecurity #NIST #ZTA #Infosec #ZTArchitecture #SP1800_35 #ContinuousSecurity #IdentitySecurity #LeastPrivilege #Cybersecurity #Infosec #IT #Riskmanagement

  2. New NIST Zero Trust Guidance Alert!

    Looking to implement zero-trust architecture (ZTA) but unsure where to start? NIST just released SP 1800-35, offering 19 real-world examples of zero-trust implementations using commercial, off-the-shelf tech.

    Built with 24 industry collaborators over four years, this detailed playbook bridges the gap between theory and practice.

    Key takeaways for your organization:
    • Map your ZTA to the NIST Cybersecurity Framework
    • Start with what you have — identify existing tech
    • Roll out incrementally: identity, MFA, access controls
    • Validate and monitor continuously
    • Treat ZTA as a journey, not a one-and-done project

    Read the article for advice on your zero-trust journey: darkreading.com/endpoint-secur

    #ZeroTrust #Cybersecurity #NIST #ZTA #Infosec #ZTArchitecture #SP1800_35 #ContinuousSecurity #IdentitySecurity #LeastPrivilege #Cybersecurity #Infosec #IT #Riskmanagement

  3. New NIST Zero Trust Guidance Alert!

    Looking to implement zero-trust architecture (ZTA) but unsure where to start? NIST just released SP 1800-35, offering 19 real-world examples of zero-trust implementations using commercial, off-the-shelf tech.

    Built with 24 industry collaborators over four years, this detailed playbook bridges the gap between theory and practice.

    Key takeaways for your organization:
    • Map your ZTA to the NIST Cybersecurity Framework
    • Start with what you have — identify existing tech
    • Roll out incrementally: identity, MFA, access controls
    • Validate and monitor continuously
    • Treat ZTA as a journey, not a one-and-done project

    Read the article for advice on your zero-trust journey: darkreading.com/endpoint-secur

    #ZeroTrust #Cybersecurity #NIST #ZTA #Infosec #ZTArchitecture #SP1800_35 #ContinuousSecurity #IdentitySecurity #LeastPrivilege #Cybersecurity #Infosec #IT #Riskmanagement

  4. 5️⃣ Fine-Grained Access Control

    From “all photos last week”

    to

    SELECT * FROM emails WHERE sender LIKE ‘%@microsoft.com’

    agents need precise, least-privilege access. Let’s get specific! 🎯📂

    #LeastPrivilege #DataSecurity

  5. Unauthorised network access remains a significant threat, especially for organisations lacking robust network security controls. Attackers can capture privileged credentials from automated tasks and vulnerability scanners if these tasks are configured with an excessive scope or are insufficiently protected by network or host controls...

    Read our latest blog, "Watch where you point that cred," by Tom Thomas-Litman, for insights and recommendations for securing internal networks: pentestpartners.com/security-b

    #CyberSecurity #Infosec #NetworkSecurity #VulnerabilityScanning #CredentialTheft #Honeypots #LeastPrivilege #RiskMitigation

  6. Zerobot is a Go-based botnet that spreads primarily through IoT and web application vulnerabilities.

    Learn how Zerobot works and how to defend devices and networks against it:

    - Use Microsoft 365 Defender as security solutions with cross-domain visibility and detection capabilities

    - Adopt a comprehensive IoT security solution such as Microsoft Defender for IoT, integrate it with XDR platform such as Microsoft Sentinel and Microsoft 365 Defender

    - Harden endpoints with a comprehensive Windows security solution

    - Ensure secure configurations for devices

    - Use least privileges access

    microsoft.com/en-us/security/b

    #microsoft #windows #security #iot #MSTIC #azure #xdr #microsoft365defender #defenderforIoT #iot #sentinel #microsoftsentinel #siem #soar #cloud #cloudsecurity #Zerobot #ssh #leastprivilege #rat #ioc #threatintelligence #ti #tip #ddos #ZeroStresser #webapp #vulnerabilities #cve

  7. Thanks @girlgerms for linking to this epic list of #Azure Active Directory least privilege roles BY TASK.
    Want to do this thing? You need this role to give you the min amount of required permissions.

    learn.microsoft.com/azure/acti

    #security #ZeroTrust #identity #LeastPrivilege