Science & Technology

Cisco has released a reference document for shared signals and events to resolve the “rotating” problem.

Security standards have the potential to improve interoperability between security vendors and expand support for a zero trust approach to security.

Image: Pop Tika

Cisco’s new Shared Signals and Events framework is designed to ease the lives of security analysts by improving interoperability and supporting zero trust security. The company participated in the OpenID Foundation as a maintenance member and Published open source technical reference Document.

The shared signal sounds exactly like that. It is the standard method of communication for security changes and may reduce “unnecessary unauthorized reauthentication or authorization” and enable a much more accurate response to changes in security parameters.

NancyCam-Winget, a prominent CiscoSecure engineer, said SharedSignals are similar to RSS feeds of security signals or events, although the actual technical implementation is quite different.

“The ecosystem will be an ecosystem where some vendors publish their events and others subscribe to them,” she said.

Cam-Winget I posted a blog post about the news announced on Tuesday, November 3rd. And I will explain the protocol like this.

“For example, cloud applications may subscribe to events from endpoint detection and response solutions to quickly remove access from infected systems, or IAM solutions because SIEM tools initiate an investigation. May publish changes to the user context used for. “

Use of shared signals and events This approach solves the “rotary problem” where security analysts do not communicate with each other and need to check and correlate signals from different tools and environments.

look: Zero Trust: Good, Bad, Ugly

“The goal is a world where the security environment reacts more quickly and dynamically to changing risks by reducing the manual burden on analysts and increasing the effectiveness of security,” she said. ..

Cam-Winget said Cisco’s new reference document should facilitate the adoption of standards so that the path to achieving security values ​​is shorter and smoother. Developers can use the reference architecture to set up transmitters and receivers in a relatively short order.

“The big value proposition here is that it takes much less time than setting up a one-to-one API integration for each solution you want to integrate,” she said. “The Shared Signals framework saves us a lot of work with each additional signal after initial setup.”

According to Cisco, the Shared Signals and Events approach allows for significant changes in security, as well as the impact of the WebAuthn standard on passwordless authentication.

NS OpenID Foundation Is a non-profit organization that promotes the use of open and interoperable standards, especially the simple identity layer above Oauth 2.0: Open ID Connect.

In a press release, Gail Hodges, executive director of the OpenID Foundation, said Cisco is joining the board at an important turning point in the development of ID standards.

“Cisco has been a longtime contributor to global standards and looks forward to working together to respond to this moment by paving the way for society and expanding our approach,” Hodges said. increase.

Foundation Shared Signals and Event Working Group Includes industry leaders working to facilitate more open communication between security systems. The three co-chairs represent Amazon, Google and Coinbase. The main goal of this group is to enable a federated system with well-defined mechanisms for sharing security events, state changes, and other signals to do the following:

  1. Manage access to resources and apply access control restrictions across distributed services running in a dynamic environment.
  2. Prevents malicious attackers from exploiting account, device, service, endpoint, or other principal or resource breaches to gain unauthorized access to additional systems or resources.
  3. Allow users, administrators, and service providers to coordinate to detect and respond to incidents.

You can find the specifications of the group here..

See also

Cisco has released a reference document for shared signals and events to resolve the “rotating” problem. Cisco has released a reference document for shared signals and events to resolve the “rotating” problem.

Back to top button