From an operational standpoint, CARTA starts with a risk assessment and then layers zero-trust principles on top of it through an adaptive security model.

Gartner’s CARTA (Continuous Adaptive Risk and Trust Assessment), which sets out their vision for security, is increasingly being adopted by enterprises. Recently, Gartner also called out the CARTA strategic approach in its top 10 security projects for 2019. Being a strategic approach, CARTA covers a whole gamut of areas, and multiple security products, from endpoints and devices to IoT and procurement, contribute to different parts of it.

Very high-level CARTA primer

A couple of years back, Gartner introduced CARTA (Continuous Adaptive Risk and Trust Assessment), a strategic approach to information security. With workloads increasingly moving to the cloud and access coming from multiple devices and locations outside office boundaries, one-time gates are no longer sufficient; access decisions must become adaptive and context-aware.

The CARTA approach holds that neither Risk (threat/attack) nor Trust (access by entities) should be decided at a one-time gate of good/bad, allow/disallow. Instead, both should be continuously evaluated, with actions taken in a dynamic, adaptive manner based on factors such as device, risk, asset value, incidents, behavior, and analysis. This strategy applies to Ops (production), Build (development), and Planning (business owners).
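To make the contrast concrete, here is an added illustration (not Indusface or Gartner code) of a one-time gate beside a per-request adaptive decision. The signal names, weights and thresholds are assumptions chosen to show the mechanism, not values from the page.

```python
"""Illustrative continuous adaptive trust evaluation (assumed weights/thresholds)."""
from dataclasses import dataclass
from typing import List


@dataclass
class RequestContext:
    """Signals available at the time of one request (assumed set)."""
    device_managed: bool   # device posture
    asset_value: int       # 1 (low) .. 5 (critical) value of the resource
    failed_logins: int     # recent incident signal for this identity
    anomaly_score: float   # 0.0 .. 1.0 behavioural anomaly from analytics


def one_time_gate(authenticated: bool) -> str:
    """Classic gate: decided once at login and never revisited."""
    return "allow" if authenticated else "deny"


def risk_score(ctx: RequestContext) -> float:
    """Combine signals into a 0..1 risk score (weights are assumptions)."""
    score = 0.0
    if not ctx.device_managed:
        score += 0.3
    score += 0.1 * ctx.asset_value
    score += 0.05 * min(ctx.failed_logins, 5)
    score += 0.4 * ctx.anomaly_score
    return round(min(score, 1.0), 2)


def adaptive_decision(ctx: RequestContext) -> str:
    """Re-evaluated on every request; the outcome is graded, not binary."""
    r = risk_score(ctx)
    if r >= 0.8:
        return "block"
    if r >= 0.5:
        return "step_up_auth"
    if r >= 0.3:
        return "allow_with_monitoring"
    return "allow"


def evaluate_session(contexts: List[RequestContext]) -> List[str]:
    """Same session, four requests: the decision changes as context changes."""
    return [adaptive_decision(c) for c in contexts]


# Constructed sample session: one login, context drifting over time.
SESSION = [
    RequestContext(True, 1, 0, 0.0),    # managed device, low-value asset
    RequestContext(True, 3, 0, 0.0),    # same device, higher-value asset
    RequestContext(False, 2, 0, 0.1),   # switched to an unmanaged device
    RequestContext(False, 5, 3, 0.9),   # failed logins plus anomalous behaviour
]
```

The one-time gate would return "allow" for every request above once the user authenticated; the adaptive evaluation escalates to step-up authentication and then blocking as the signals worsen.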

In this document, we discuss CARTA as it applies to Web Application Security and Indusface, focusing on threat assessment and mitigation rather than on trust. For this aspect, CARTA sets out a cycle of Predict – Prevent – Detect – Respond, which resonates with the Detect-Protect-Monitor approach that Indusface provides.

CARTA: Indusface terminology

Anticipate Threats & Exposure (Detect)

Indusface Web Application Scanner automatically scans applications for vulnerabilities. Customers that need deeper business-logic testing use our premium penetration testing service.

Prevent Attacks (Protect)

Indusface WAF implements the Protect part and prevents attacks. Its highly tuned advanced rule set runs in block mode from the start. Premium (custom) rules are written and applied for specific customer scenarios.

Incident/breach (Protect, Monitor)

Indusface tools and teams analyze and monitor events to detect indicators of attempted attacks and take appropriate action, including automated response, alerting, and involving security experts.

Remediate, analyze incidents (Detect, Protect, Monitor)

Raw and analyzed logs are stored so that post-facto analysis can be done by internal and customer teams. Internally, detection and prevention rules are adjusted and customized, and new targeted rules are written as needed in response to incidents.


How CARTA Strategies for Web Applications are Met with Indusface AppTrana Solution