Power Zero Trust
ThreatEye powers the proof that Zero Trust demands
Organizations can no longer assume that a trusted asset on the network is still trustworthy, or that a legitimate end-user account remains legitimate.
Threat actors are abusing this trust and blending in with traffic, protocols, and encryption.
Why Is the World Adopting Zero Trust?
The Zero Trust approach to cybersecurity protects against this type of abuse. It demands proof that everything touching your network is trustworthy.
A record number of organizations, including the United States Government, are adopting a Zero Trust Architecture (ZTA), which is built around a central premise: ‘Trust ONLY IF you verify.’
NIST says a Zero Trust approach relies on several key tenets:
- Implicit trust zones: none, not even your enterprise private network
- Devices on network: often not owned or configurable by the enterprise
- Resources: none are inherently trusted
- Infrastructure: some enterprise resources are on non-enterprise infrastructure
- Remote subjects and assets: cannot fully trust their local network connection
- Assets and workflows: those moving between enterprise and non-enterprise infrastructure should have a consistent security policy and posture
The Zero Trust Organizational Mindset
As you look to implement or mature a Zero Trust strategy, here is the mindset that will power your progress.
“Zero trust is a cybersecurity paradigm focused on resource protection and the premise that trust is never granted implicitly but must be continually evaluated. Zero trust architecture is an end-to-end approach to enterprise resource and data security that encompasses identity (person and nonperson entities), credentials, access management, operations, endpoints, hosting environments, and the interconnecting infrastructure.” — NIST 800-207
To implement this approach successfully, you need the correct strategy, followed by the correct tools.
How Does LiveAction Power Zero Trust?
LiveAction powers continuous network detection and response (NDR) so that SecOps and NetOps teams can consistently evaluate trust. It does so in a manner consistent with White House Executive Order 14028, Improving the Nation’s Cybersecurity, and Presidential Memo M-22-09, Moving Toward Zero Trust Cybersecurity Principles.
“Agencies should strive to employ heuristics rooted in machine learning to categorize the data they gather, and to deploy processes that offer early warning or detection of anomalous behavior in as close to real time as possible throughout their enterprise.
For example, agencies may benefit from detecting excessive access requests to certain data types, or when accounts associated with agency leadership are accessing a system or category of data they have not previously accessed and would ordinarily not be expected to.”
LiveAction ThreatEye uses streaming Machine Learning (MLE) on top of advanced behavioral analytics to detect the trustworthiness of everything on the network.
This platform analyzes more than 150 traits and characteristics at wire speed, collecting and analyzing long-term baseline data. ThreatEye detects advanced threats on the network and creates SOC-ready alerts when traffic, assets, and behaviors are no longer trustworthy.
Why Is ThreatEye an Innovative Zero Trust Choice?
Nearly 90% of network traffic is encrypted. As a result, an increasing number of tools are going blind, and developing continuous trust is impossible.
However, ThreatEye is unfazed by encryption. It uses Encrypted Traffic Analysis (ETA) to record, baseline, and do complex analysis of behaviors. It does not decrypt any network traffic. This is a key point, since the U.S. Government warns against the decryption approach:
“…as CISA and security researchers have warned, network inspection devices can present security vulnerabilities through weak or incorrect implementation of encryption protocols.
For example, agencies should avoid relying on static cryptographic keys with an overly broad ability to decrypt enterprise-wide traffic, as even a brief compromise of such a key would defeat encryption across the agency.”