| Zero Trust Assets | <<Asset at Risk>> Reputation |
| Zero Trust Assets | <<Asset at Risk>> Data |
| Zero Trust Assets | <<Asset at Risk>> Application |
| Zero Trust Assets | UC6 Application Delivery Pipeline Security - Implemented Control Measures |
| Zero Trust Control Objectives | <<Control Objective>> Providing a secure platform that ensures safety and protection of systems and data |
| Zero Trust Control Objectives | <<Control Objective>> Enabling the establishment of a secure and resilient enterprise digital security ecosystem in which government services are delivered safely and securely |
| Zero Trust Control Objectives | Risk |
| <<Threat Agent>> Attacker | Threat Event |
| Threat Event | Loss Event |
| Threat Event | Vulnerability |
| Loss Event | Vulnerability |
| Loss Event | Risk |
| Vulnerability | Zero Trust Assets |
| <<Security Principle>> Zero Trust Principles | Zero Trust Control Objectives |
| <<Security Requirement>> Zero Trust Requirements | Zero Trust Control Objectives |
| UC6 Application Delivery Pipeline Security - Implemented Control Measures | <<Implemented Control Measure>> Multi-factor authentication (MFA) |
| UC6 Application Delivery Pipeline Security - Implemented Control Measures | <<Implemented Control Measure>> Security Information and Event Management (SIEM) |
| UC6 Application Delivery Pipeline Security - Implemented Control Measures | <<Implemented Control Measure>> Context based authentication |
| UC6 Application Delivery Pipeline Security - Implemented Control Measures | <<Implemented Control Measure>> Secrets Management |
| UC6 Application Delivery Pipeline Security - Implemented Control Measures | <<Implemented Control Measure>> Automation |
| UC6 Application Delivery Pipeline Security - Implemented Control Measures | Vulnerability |
| UC6 Application Delivery Pipeline Security - Implemented Control Measures | UC6 Application Delivery Pipeline Security |
| UC6 Application Delivery Pipeline Security | <<Control Measure>> Enforce user/developer authentication using MFA to separate domain users for least-privileged access to production and development system |
| UC6 Application Delivery Pipeline Security | <<Control Measure>> Enforce authentication and authorization for short term access against Identity and Access Control |
| UC6 Application Delivery Pipeline Security | <<Control Measure>> The permission should be short term and enforce MFA with jump boxes for Interactive access where applicable |
| UC6 Application Delivery Pipeline Security | <<Control Measure>> Enable audit logs |
| UC6 Application Delivery Pipeline Security | <<Control Measure>> Enforce segregation of duties |
| UC6 Application Delivery Pipeline Security | <<Security Principle>> Zero Trust Principles |
| UC6 Application Delivery Pipeline Security | <<Security Requirement>> Zero Trust Requirements |