Zero Trust vs. VPN: Key Differences Explained (Side-by-Side)

Understanding the core differences between a Zero Trust architecture and a Virtual Private Network (VPN) is an important step in shaping your organization’s cybersecurity strategy. Zero Trust and VPNs offer distinct approaches to security; knowing their functionalities and security philosophies helps you understand when to select one or the other to protect your data effectively—a strategic necessity for robust cybersecurity.
NSA Zero Trust Maturity Guidance Explained (TL;DR Version)

StrongDM is pleased to see that, in April 2024, the National Security Agency of the United States released a Cybersecurity Information (CSI) sheet that recommends why and how organizations, public and private, should adopt the Zero Trust (ZT) security model for their data tier of infrastructure. At the core of the recommendations, an organization needs to know what data it possesses, how that data is being accessed, and how to control access to that data.
PAM Was Dead. StrongDM Just Brought it Back to Life.

In essence, legacy PAM solutions over-index on access. StrongDM uses the principles of Zero Trust to evaluate and govern every action, no matter how minor - where each command, query, or configuration change is evaluated in real-time against dynamic policies that adapt to the context of the user, the sensitivity of the action, and the prevailing threat landscape.
Top 9 Zero Trust Security Solutions in 2024

Zero trust is a security and authentication model that eliminates the assumption of trust and shifts the focus from a traditional security perimeter, like a VPN or firewall, to the individual user. Nearly all (92 percent) cybersecurity professionals agree that it’s the best network security approach that exists. In this article, we’ll evaluate the top nine zero trust solutions and help you decide which is right for your organization.
XZ Utils Backdoor Explained: How to Mitigate Risks

Last week, Red Hat issued a warning regarding the potential presence of a malicious backdoor in the widely utilized data compression software library XZ, which may affect instances of Fedora Linux 40 and the Fedora Rawhide developer distribution. CISA, or Cybersecurity & Infrastructure Security Agency, confirmed and issued an alert for the same CVE.
Context-Based Access Controls: Challenges, Importance & More

Context-based access controls refer to a dynamic and adaptive approach to managing security policies in modern infrastructure. Addressing challenges in enforcing consistent security across diverse platforms, these policies consider factors such as device posture and geo-location to adjust access controls dynamically. By narrowing access based on contextual parameters, they reduce the attack surface, enhance security, and streamline policy administration, ensuring compliance in evolving
10 Ways to Prevent Man-in-the-Middle (MITM) Attacks

It’s difficult to detect MITM attacks, and attackers can target anyone online. Hackers can capture user credentials from customers by attacking sites or apps that require login authentication. They may also target businesses with sites or apps that store customer or financial information. Want to know how to prevent man-in-the-middle attacks? Follow these 10 proven strategies.
Unmasking Cozy Bear (APT29): The Urgent Need for Continuous Authorization

Cozy Bear specializes in targeting governments, diplomatic entities, non-governmental organizations (NGOs), and IT service providers, primarily in the U.S. and Europe. These state-sponsored groups aim to clandestinely gather strategic and sensitive information for Russia, maintaining prolonged access without raising suspicions.
Privileged Access in the Age of Cloud Authentication & Ephemeral Credentials

The way that people work continues to evolve, and as a result, so do the ways that they must authenticate into their organization’s resources and systems. Where once you simply had to be hardwired into the local office network, now you must expand your perimeter to include remote and hybrid workforces, on-prem and cloud environments, and take into account a growing list of factors that impact how and where people access critical company resources.
Never Done: The Importance of Continuous Zero Trust Authorization

Adherents to the Zero Trust security model live according to a policy of “never trust, always verify.” It requires all devices and users to be authenticated, authorized, and regularly validated before being granted access, regardless of whether they are inside or outside an organization's network. But the catch is that authentication and authorization don’t just happen at the first touch.
How to Implement Zero Trust (Step-by-Step Guide)

In this blog, we’ll offer a blueprint for how to implement Zero Trust security effectively to help your organization initiate and manage access management for all your users, devices, and resources.
Implicit Trust vs. Explicit Trust in Access Management

Trust is an essential cornerstone in access management. However, not all trust is created equal. When it comes to how you approach access, two types of trust stand out: implicit trust and explicit trust.
Unlocking Continuous Zero Trust Authorization with Strong Policy Engine

We are thrilled to announce an exciting new addition to the StrongDM Dynamic Access Management (DAM) platform: Continuous Zero Trust Authorization. This powerful capability can help organizations leap forward in the Zero Trust journey by enabling continuous, contextual, and granular authorization and control over resources and data
Unlocking Zero Trust: The Kipling Method for Policy Writing

To embark on a successful Zero Trust journey, it's crucial to articulate and implement policies that align seamlessly with your business model. The Kipling Method serves as a guiding light in this endeavor. Let's delve into the six fundamental questions it poses.