identity management

Contenido identity management

Blog updated on 31/10/2024

Larger scale and complexity industrial control networks present risks, and cybersecurity needs that usually cannot be met by applying a traditional segmentation model. Factors such as the presence of critical obsolete equipment, equipment managed by third parties or the increased presence of IoT technologies that require external connections, are motivating the adoption of more advanced architectures when applying the principle of defense in depth.

Proper segmentation can be a fundamental aspect in preventing attacks, especially in their propagation to essential and critical production assets. It is also important to adapt to the environment to be segmented. It is a common mistake to try to segment networks based on concepts and schemes like the IT environment.

This article will present some new network models and tips to work on a correct segmentation in an environment where different components are involved (OT, IIoT, IT, IoT).

Blog updated on 10/10/2024

Organizations face the constant challenge of adopting new security strategies, such as the Zero Trust model, which operates under the premise of "never trust, always verify." This change is crucial especially in cloud environments, where identity and resource access management is more complex. In particular, the Secure Web Gateway (SWG) is a key system, which focuses on controlling user access to the web, protecting against web-based threats, and enforcing security policies. It acts as an intermediary between users and the internet, filtering and inspecting web traffic to ensure it meets the organization's security requirements.

However, implementing and managing SWGs presents significant challenges, such as integration with existing infrastructures, managing complexity, and scalability. These challenges require meticulous attention to ensure effective and efficient protection in the changing cybersecurity landscape. This article explores the purpose and function of SWGs, as well as their architecture, their ability to protect against cyber threats, and best practices for their implementation.

Blog posted on 29/08/2024

The ability to monitor and analyze the behavior of users and entities becomes crucial for early detection and response to potential threats. UEBA solutions identify unusual or anomalous patterns in user behavior, enabling rapid identification of internal threats or external compromises. This post focuses on how UEBA analysis is becoming an essential tool for a cybersecurity strategy, from identifying suspicious behavior to preventing potential security breaches.

Blog posted on 08/08/2024

In the field of cybersecurity, CASB systems play a crucial role in providing an additional layer of protection for cloud applications. This approach prevents threats, detects malware, and ensures privacy in a digital environment, thereby addressing the growing need for data protection. 

This article explores how CASB systems work, their key applications, and their benefits in terms of security and privacy, ensuring that applications operate by protecting data in cloud environments and maintaining fine-grained control over cloud operations. From vendor assessment to malicious behavior detection, its versatility extends, offering benefits such as risk mitigation and improved cloud security.

Blog posted on 13/06/2024

The UN R155 and UN R156 regulations are of vital importance for vehicle cybersecurity. From July 2022, all car manufacturers that want to be type-approved must comply with both regulations, but from July 2024 this requirement will be extended to all new vehicles sold in the European Union, regardless of when the manufacturer obtained type-approval. One of the most important aspects of compliance with both regulations is the completion of a cybersecurity risk assessment of the vehicle, including all integrated components of the vehicle's supply chain. On the other hand, it also specifies how to incorporate cybersecurity from design, how to detect and respond to incidents, how to securely update vehicle software, etc. 

Blog posted on 04/04/2024

The automotive world has always been one of the most cutting-edge sectors in terms of the technology used, which is why today's cars are equipped with technologies such as Bluetooth, NFC, GPS, etc., which improve different aspects such as comfort, fuel efficiency and increased safety.

But these implemented technologies can also bring with them serious problems, such as the risk of cyber-attacks that can affect passengers in the vehicle, both at the level of personal data and physical security.

For this reason, this article aims to provide an insight into some of the cyber-attacks that smart cars have suffered and how cyber-security is evolving and adapting to make more and more vehicles cyber-safe.