Connect with us


Architecting the Zero Trust Enterprise



Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of digital interaction. 

The Zero Trust Model has become increasingly top of mind for executives who need to keep up with digital transformation and adapt to the ever-changing security landscape. Unfortunately, many organizations are still struggling with a poorly integrated, loose assembly of point products that do not align with the strategic approach expected by board members and C-level executives. 

Deployed properly, the Zero Trust Enterprise is a strategic approach to cybersecurity that simplifies and unifies risk management under one important goal: to remove all implicit trust in every digital transaction. This means regardless of the situation, user, user location, device, source of connection, or access method, cybersecurity must be built in by design in every network, connection, and endpoint to address the modern threat landscape. 

By becoming a true Zero Trust Enterprise, organizations enjoy more consistent, improved security and simplified security operations that effectively lower costs. 

Zero Trust Today: A Modern Security Approach for Digital Transformation 

As an industry, we’ve reached a tipping point: many users and apps now reside outside of the traditional perimeter. A hybrid workforce is a new reality—businesses must provide access from anywhere and deliver an optimal user experience. The days of managing implied trust by relying on a static, on-premises workforce are gone. 

At the same time, application delivery has firmly tilted in favor of the cloud, public or private, and has enabled development teams to deliver at an unprecedented pace. However, new architectures, delivery, and consumption models create more instances of implied trust, and an expanding catalog of apps creates a broader attack surface, while implied trust granted to microservices yields new opportunities for attackers to move laterally. 

Infrastructure can be anywhere, and everything is increasingly interconnected, making the elimination of implicit trust even more critical. You can no longer simply trust IT equipment such as printers or vendor-supplied hardware and software because IT and workplace infrastructure are increasingly connected to internet-facing apps that centrally command and orchestrate them. Anything internet-facing is a risk to your organization. Physical locations are increasingly run by connected things, including IoT, which typically have more access than they need. Traditional IT patching and maintenance strategies do not apply here—cyber adversaries know this is ripe for exploitation. 

Delivering the Zero Trust Enterprise 

The biggest challenge to adopting a Zero Trust architecture has not been a lack of specific security tools but a simple lack of resources (talent, budget, interoperability, time, etc.). Running the most current security controls against a moving target—a dynamic threat landscape—has been a privilege reserved for a few well-resourced organizations. So why would Zero Trust work this time for the masses? 

The Zero Trust Enterprise is enabled through Palo Alto Networks extensive experience and comprehensive set of security capabilities to introduce consistent Zero Trust controls across the entire organization. As Forrester noted in The Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020, “Palo Alto Networks has essentially either procured, acquired, or built every tool or capability an organization could need to operate a Zero Trust infrastructure. Palo Alto Networks is assembling a robust portfolio to deliver Zero Trust everywhere—on-premises, in the data center, and in cloud environments.”1 

Instead of testing, running, and fixing multiple non-integrated security controls across all of your security domains, such as malware or DLP, you can rely on one single control, which you can deploy across your entire enterprise. Security by design becomes a reality as cost of deployment, operations, and time-to-market are going down. Moreover, leveraging the network effect of telemetry from the entire enterprise and not just from one specific area means the time to respond and prevent cyberthreats goes down, leading to more resilient cybersecurity. 

Palo Alto Networks: Over a Decade of Zero Trust Experience 

As a pioneer in Zero Trust with thousands of customers and deployments, no one in security has more experience than Palo Alto Networks across the entire security ecosystem, including network, endpoint, IoT, and much more. We know security is never one size fits all. Here’s what makes our ZTE approach different: 

Comprehensive: Zero Trust should never focus on a narrow technology. Instead, it should consider the full ecosystem of controls that many organizations rely on for protection. Actionable: Comprehensive Zero Trust isn’t easy, but getting started shouldn’t be hard. For example, what current set of controls can be implemented using security tools you have today? Intelligible: Convey your Zero Trust approach to nontechnical executives in a concise, easy-to-understand summary, both business and technical terms. Ecosystem Friendly: In addition to having one of the most comprehensive portfolios in the market, we work with a broad ecosystem of partners. 

A Comprehensive Approach: Users, Applications, and Infrastructure 

At its core, Zero Trust is about eliminating implicit trust across the organization. This means eliminating implicit trust related to users, applications, and infrastructure. 

Zero Trust for Users 

Step one of any Zero Trust effort requires strong authentication of user identity, application of “least access” policies, and verification of user device integrity. 

Zero Trust for Applications 

Applying Zero Trust to applications removes implicit trust with various components of applications when they talk to each other. A fundamental concept of Zero Trust is that applications cannot be trusted and continuous monitoring at runtime is necessary to validate their behavior. 

Zero Trust for Infrastructure 

Everything infrastructure-related—routers, switches, cloud, IoT, and supply chain—must be addressed with a Zero Trust approach. 

For each of the three pillars, it is critical to consistently: 

Establish identity using the strongest possible authentication. The request is authenticated and authorized to verify identity before granting access. This identity is continuously monitored and validated throughout the transaction. Verify the device/workload. Identifying the enterprise laptop, a server, a personal smartphone, or a mission-critical IoT device requesting access, determining the device’s identity, and verifying its integrity is integral to Zero Trust. The integrity of the device or host requesting access must be verified. This integrity is continuously monitored and validated for the lifetime of the transaction. Or, in the case of applications and cloud infrastructure, identifying the requested device or microservices, storage or compute resources, partner and third-party apps before granting access. Secure the access. Enterprises need to ensure users only have access to the minimal amount of resources they need to conduct an activity, restricting access to, for example, data and applications. Even after authentication and checking for a clean device, you still need to ensure least privilege. Secure all transactions. To prevent malicious activity, all content exchanged must be continuously inspected to verify that it is legitimate, safe, and secure. Data transactions must be fully examined to prevent enterprise data loss and attacks on the organization through malicious activity. 

The Role of the Security Operations Center (SOC) 

The SOC continuously monitors all activity for signs of anomalous or malicious intent to provide an audit point for earlier trust decisions and potentially override them if necessary. Using broad enterprise data collected from network, endpoint, cloud, and much more, the SOC uses behavioral analytics (UEBA), threat hunting, anomaly detection, correlation rules in the SIEM, and more to double-check all trust decisions. The SOC can do this because they have a wide view of the entire infrastructure versus a subset of information such as separate firewall or endpoint telemetry. When this information is examined across the entire infrastructure, the SOC has the ability to discover things that would normally go undetected in individual silos. 


What are the benefits of becoming a Zero Trust Enterprise? By taking a holistic, platform-based approach to Zero Trust, organizations can secure their digital transformation initiatives while enjoying increased levels of overall security and significant reductions in complexity.

For more information on complete Zero Trust security, visit us.

1. Chase Cunningham, The Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q3 2020, Forrester Consulting, September 24, 2020, FY21Q1%20Forrester%20Zero%20Trust%20eXtended%20Wave%20report.

© 2021 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark of Palo Alto Networks. A list of our trademarks can be found at All other marks mentioned herein may be trademarks of their respective companies. Parent_wp_architecting-the-zero-trust-enterprise_112321

Original Post:


Moroccan B2B ECommerce Platform Chari Nets Funding on $100M Valuation




Morocco-based B2B eCommerce and FinTech startup Chari could see a valuation of $100 million after a new bridge round of funding, TechCrunch reported Thursday (Jan. 20).

Chari functions as a mobile app, allowing traditional proximity store owners in Morocco to order products and have them delivered.

The company is trying to get more into the FinTech space after closing a bridge round which was led by the Saudi Arabia-based venture capital fund Khwarizmi Ventures, AirAngels (Airbnb Alumni Investors) and Afri Mobility, the venture capital arm of AKWA Group.

“Chari will use the money from this bridge round to test the BNPL services with its existing customers,” said Ismael Belkhayat, Chari’s CEO. “Upon successful results, Chari will acquire a local credit company to enable shop owners to lend money to their end users and further grow their business.”

Chari works with over half of the proximity stores in Casablanca, and has expanded into Tunisia. Last August, the company also acquired Karny, a mobile credit book application.

The Karny acquisition gave Chari more data on the loans given by grocery stores to customers, letting it credit assess unbanked shop owners and determine the best payment terms.

Chari was also a participant in the startup investor and incubator Y Combinator S21 batch and raised $5 million in late 2021. PYMNTS writes that Karny’s services help convenience stores use smartphones to manage credit arrangements with customers.

See also: Morocco’s eCommerce Startup Acquires Mobile Credit Book App

The company has around 15,000 convenience store customers. According to Y Combinator’s website, Chari “is an eCommerce and FinTech app for traditional retailers in North Africa allowing them to order any consumer goods they sell and get delivered for free in less than 24 hours.”

Chari also works as a financial services provider for retailers, offering micro-credit facilities.

PYMNTS also reported on Chari’s fundraising last year, writing that it could help the company expand into French-speaking Africa.

Related: Moroccan B2B eCommerce Firm Chari Raises $5M 


Continue Reading


Hudson Swafford Breaks From Pack Late to Win the American Express



Hudson Swafford went eagle-birdie at the 16th and 17th holes to cap a busy final round and win The American Express on Sunday in La Quinta, Calif.

Swafford’s eagle, nine birdies and three bogeys added up to an 8-under 64 that catapulted him to victory after starting the day three strokes off theleaders. At 23-under 265, Swafford beat Tom Hoge (68 Sunday) by two shots.

Brian Harman also shot a 64 earlier in the day to se

Original Post:

Continue Reading


Is Putin Following in Steps of Peter the Great



Three hundred and forty kilometers east of the Ukrainian capital, Kyiv, lies the city of Poltava.

At its heart is a semi-circular square with a cast-iron column and nearly two dozen eighteenth-century Swedish cannons captured in the 1709 Battle of Poltava, a decisive encounter in the Great Northern War, waged between Russia’s Peter the Great and Sweden’s Charles XII for supremacy in eastern Europe.


Original Post:

Continue Reading