Tag: attack surface

The importance of segregation in cybersecurity

Segregation is one of those strategies that, when used well, can improve your security posture much more than any shinny expensive security solution. It is a key security concept. It is one of the main strategies that we can embrace to obtain real security, however, very frequently we don’t consider it. We apply segregation when we separate the asset from the threat. We implement segregation, for example, when we put a firewall between two networks. This is the most clear example, but we also apply segregation in many other situations: when we use containers; when we use virtual machines; when we close open ports; when we use different roles with different authorization levels; etc.

Continue reading “The importance of segregation in cybersecurity”

Any SaaS solution is a n-tier system where all layers have to be protected, not only the application and its code

Any SaaS solution is a n-tier system, and as such, all the tiers should be protected, not only the application layer. If we put all our effort in the application and its code, we might miss important vulnerabilities in other parts of the attack surface.

Continue reading “Any SaaS solution is a n-tier system where all layers have to be protected, not only the application and its code”