Opal Security’s Post

Great blog on why a least privilege model is great in theory, but very difficult to implement. Learn how to effectively get to the finish line with Opal!

To successfully implement least privilege, start by identifying your crown jewels. In the context of least privilege access, “crown jewels” are an organization's most critical assets — the valuable inventory that requires the highest level of protection. Implement least privilege on your crown jewels first. Then, once you’ve found success and mitigated any issues to user experience or the day-to-day flow of business operations, apply the same methodology one layer away from your core crown jewel (for example, systems that have access to the crown jewel). Continue to secure another layer, then another, and so on. #accessmanagement #identitysecurity

Some interesting principles to think about in terms of security and important aspects to consider

The 2024 vulnerability landscape is growing faster than any security team can keep up with. On this episode of Pulling the Strings, Center for Internet Security CISO Sean Atkinson and Robin Tatam, CISM, CPFA, CPSP, CTMA, PCI-P discuss what makes a CISO a CISO, what it’ll take to close the skill gap, where IT ops fits in the security discourse, and what it looks like to put strong automation behind industry-recognized benchmarks.

I recently sat down with Sean Atkinson, a respected cybersecurity expert and executive thought leader from the Center for Internet Security to talk about the current state of #CyberSecurity, and to get his expert insight on the critical responsibilities of a CISO, #PlatformEngineering and #DevSecOps, and how we all have a contributing role to play. We compared notes on a slew of important topics, including common inhibitors to good cyber hygiene in 2024, techniques to increase development velocity without sacrificing security, and the monumental impact of #ArtificialIntelligence. So, what do you think? Are we collectively winning or losing the global war on cyber criminals? What are the most influencing factors of that success or failure? Find this intense episode of the popular "Pulling The Strings" Podcast by clicking the image below, or listen on your favorite Podcast platform.

Save the date! Join this webinar to hear from Greg Notch, CISO of Expel, and Matt Bromiley, SANS Institute Analyst Expert, on how security teams should be utilizing the most popular and common frameworks.

Beyond Traditional Defenses: Embracing Comprehensive Security

Struggling with overwhelming false positives and outdated detection methods?Don't miss our webinar where Michael Kuchera, Zapier’s Security Incident Response Leader, shares insights on leveraging Detections-as-code (DaC) to enhance alert fidelity and fortify your security strategy. Register now: https://lnkd.in/ggj83Kxt #ThreatDetection #IncidentResponse #DetectionAsCode

💡 Got a minute? Connor's here to give you the lowdown on Coro's powerful security features. From real-time threat detection to compliance management, we’ve got everything you need to stay secure.