Articles tagged with: #attestation
The Evolution of Zero Trust: From Architecture to Attestation

cybersecurity www.reddit.com

We've been saying "Never trust, always verify" for more than a decade - but most of our industry still hasn't clearly defined what "verify" actually means. The original Zero Trust model (per NIST SP 800-207) focused on network segmentation, identity enforcement, and continuous authentication. That's all necessary - but it's not sufficient. Because even if you know who is connecting and where they're connecting from... you still don't know what state that system is in. And that's the gap...

Auditing / Monitoring Network Activity of Android Apps

cybersecurity www.reddit.com

I have a question regarding apps that 1. require hardware-based attestation / Play Integrity, 2. verify that installation comes from the Play Store, and 3. check that the app is unmodified. Imagine a multi-stage malicious app that would download additional payloads that transmit your personal sensitive information only after all these attestation / integrity checks are passed, and that the malicious app takes care to make sure that the metadata, DNS, destination IP, and SNI of such network requests...