UPDATED 18:00 EDT / MARCH 11 2019

Attack scale dictates ‘zero-trust’ cybersecurity approach for Palo Alto Networks

Just how significant is the threat activity by malicious actors against the global cybercommunity? One major cybersecurity company offers a hint of the current level of attacks.

“We find 20,00 to 30,000 brand new pieces of malware every day,” said Scott Stevens (pictured), senior vice president of worldwide systems engineering at Palo Alto Networks Inc., which employs artificial intelligence and machine learning to analyze activity and take action. “Once we know, within five minutes we’re updating the security posture for all of our connected security devices globally. We’re updating all of our signatures so that the unknown is now known and the known can be blocked.”

Stevens spoke with Jeff Frick (@JeffFrick), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed the architectural approach behind a “zero-trust” strategy and the importance of device and identity enforcement. (* Disclosure below.)

Rules for users and traffic

With tens of thousands of new threats bombarding the cyber world on a daily basis, it’s no surprise that Palo Alto Networks has adopted an approach that “never trusts, always verifies.” The key is to implement a “zero-trust” solution with specific rules for user and application traffic, built around protecting the information that is most critical for running the enterprise.

“If you’ve got a malicious insider or someone who’s logged in with stolen credentials, we can prevent them from doing what they’re not allowed to do,” Stevens said. “It’s an architectural approach to how to secure your network focused on what’s most important. You focus on the data that’s key to your business, and you build your security framework from the data out.”

For this strategy to reach maximum effectiveness, Palo Alto Networks partners with Forescout Technologies Inc. to identify all the connected devices in a given business. It then adds information about what each device is and which users are attached to it.

It’s a complicated strategy, yet essential in the face of a nimble and innovative adversary that just needs access to one of what might be tens of thousands of devices in any given business.

“How do we define what they are and who they are?” Stevens asked. “Forescout has that insight. We take that knowledge that they have, and that turns into identity and device enforcement.”

(* Disclosure: Forescout Technologies Inc. sponsors theCUBE’s coverage of the RSA Conference. Neither Forescout nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
