Ptothgriffiths • User • The Register Forums

Posts by Ptothgriffiths

3 publicly visible posts • joined 13 Jan 2022

Why securing East-West network traffic is so important – and how it can be done

Friday 18th August 2023 10:19 GMT Ptothgriffiths

Re: bad example

You can also do E-W security with an overlay network. I work on an open source one which does this. In fact, you can embed it in an app using an SDK and not even trust the host OS network.

0 0

Jenkins warns of security holes in these 25 plugins

Friday 1st July 2022 10:13 GMT Ptothgriffiths

Fully agreed. We did similar, used the open source technology my company created to make our Jenkins invisible to the internet. Outbound only connectivity. We used webhooks with embedded zero trust SDKs to connect it to any external public resources (e.g., GitHub).

1 0

Open source isn't the security problem – misusing it is

Thursday 13th January 2022 10:35 GMT Ptothgriffiths

If every cloud server is dark with all inbound ports close, do we care about Log4shell?

If we embed private, zero trust connectivity embedded into applications and systems using open source components then we can close all inbound ports while ensuring transparency to users. This disrupts the Reconnaissance and Initial Access Tactics (as defined by MITRE ATT&CK) of malicious actors as well as restricting lateral movement - external network-level attacks (CVE or zero day exploit, DDoS, brute force etc) become all but impossible.

0 1

Topics

Special Features

Vendor Voice

Resources

User topics

Article topics

Posts by Ptothgriffiths

Why securing East-West network traffic is so important – and how it can be done

Re: bad example

Jenkins warns of security holes in these 25 plugins

Open source isn't the security problem – misusing it is

If every cloud server is dark with all inbound ports close, do we care about Log4shell?

About Us

Our Websites

Your Privacy