Yonas Tibebu

Value stream mapping  is a  lean manufacturing visualization tool for recording all the repeatable steps that are required to bring a product to market. Value stream mapping has two important goals: to identify processes that do not provide value so they can be improved and to help  management become more aware of the impact of their actions . Value stream maps have their roots in the Toyota lean production system. In this context, value can be thought of as anything the customer is willing to pay for and any process that does not provide value is called waste. In keeping with Toyota's kaizen philosophy, value stream mapping emphasizes kaizen, also known as continuous improvement. The philosophy has been adopted by many other industries outside manufacturing including healthcare and software development. When used in DevOps, for example, value stream mapping can reveal steps in development, test, release and operations support that waste time or ar...

Software-defined perimeter (SDP) is a security framework developed by the Cloud Security Alliance ( CSA) that controls access to resources based on identity. The framework is based on the U.S. Department of Defense's "need to know" model -- all endpoints attempting to access a given infrastructure must be authenticated and authorized prior to entrance. SDPs are designed to let enterprises provide secure access to network-based services, applications and systems. The SDP approach is sometimes said to create a "black cloud" because it obscures systems within the perimeter so that outsiders can't observe them. SDP software is purpose-built to give medium and large organizations the perimeter security model needed for zero trust applications and workload-centric network connectivity between on-premises and cloud environments. In addition to limiting the attack surface, an SDP solution also eliminates network vendor chaos by allowing for installation on any h...

An island-hopping attack is a hacking campaign in which  threat actors target an organization's more vulnerable third-party partners to undermine the target company's cybersecurity defenses and gain access to their network. A threat actor is an entity that is partially or completely responsible for an incident that affects -- or has the potential to affect -- an organization's security system.   Threat actors targeting large organizations -- even ones with effective cybersecurity defenses -- will go to any length to get in. If the targeted organization has strong cybersecurity practices, then attackers will utilize island hopping attacks and exploit the business's intermediaries to penetrate the original organization's secure systems. Island hopping attacks have become increasingly popular. Threat actors are using the technique to compromise network systems between multiple companies and steal their digital assets. The industries most affected by island hoppin...

An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered. While  anomaly detection and reporting are the primary functions, some intrusion detection systems are capable of taking actions when malicious activity or anomalous traffic is detected, including blocking traffic sent from suspicious Internet Protocol (IP) addresses. An IDS can be contrasted with an intrusion prevention system (IPS), which monitors network packets for potentially damaging network traffic, like an IDS, but has the primary goal of preventing threats once detected, as opposed to primarily detecting and recording threats. How do intrusion detection systems work? Intrusion detection systems are used to detect anomalies with the aim of catching hackers before they do real damage to a network. They can be either network or host-based. A host-based intrusion detection system is...