Teldat’s Continuous Adaptive Risk and Trust Assessment Security FAQ’s
1. What is Continuous Adaptive Risk and Trust Assessment (CARTA)?
2. How does CARTA incorporate the concept of Zero Trust?
3. What are the key differences between CARTA and traditional security models?
4. Why is continuous assessment necessary in today’s digital environment?
5. What are the three primary phases of the Continuous Adaptive Risk and Trust Assessment model?
6. What is the focus of the โRunโ phase in CARTA?
7. How do organizations integrate security into development using the โBuildโ phase?
8. What role does the โPlanโ phase play in the CARTA strategy?
9. How does CARTA utilize Artificial Intelligence (AI) and Machine Learning (ML)?
10. What specific security actions are taken when a compromised device is identified?
11. How does the solution physically isolate compromised network nodes?
12. What are the main elements that make up the Teldat CARTA solution?
13. What is the specific function of be.Safe XDR in the continuous monitoring process?
14. How does the CARTA solution integrate with existing SD-WAN infrastructure?
15. What are the core benefits of implementing CARTA security architecture?
1. What is Continuous Adaptive Risk and Trust Assessment (CARTA)?
CARTA stands for Continuous Adaptive Risk and Trust Assessment. It is a modern approach to threat prevention and detection, introduced in 2017, that focuses on the need for a continuous response to ever-increasing threats and risks. The core goal is to protect IT systems and networks by continuously adapting security measures to prevent and act on threats and risks in your digital ecosystem.
2. How does CARTA incorporate the concept of Zero Trust?
The CARTA model is based on a zero-trust framework. Zero trust establishes the need to continually assess all users and devices and make contextual access decisions. Under this model, all systems and devices are considered potentially compromised, and their behaviors are continuously assessed for risk and trust. This contrasts with traditional security models that grant permanent trust once initial network authorization is given.
3. What are the key differences between CARTA and traditional security models?
Traditional IT security solutions are based on simply allowing or blocking access, analyzing potential risk only at the point of entry. This older model assumes that once a user or device is authorized, it is assigned a permanent trust without reassessment. CARTA, however, does not grant intrinsic trust just because a device is on the network and enforces continuous monitoring and activity tracking to detect potential anomalous behavior, enabling real-time, contextual decision-making.
4. Why is continuous assessment necessary in today’s digital environment?
Organizations today allow large numbers of internal and external users to access their networks using devices that may not be managed by the company itself, leading to constant risks and threats. Furthermore, the evolution of malware and fraudulent businesses, coupled with factors like delocalized work and the use of the hybrid cloud, makes it essential to perform regular security evaluations to face new threats.
5. What are the three primary phases of the Continuous Adaptive Risk and Trust Assessment model?
The CARTA model is based on three critical phases: Run, Build, and Plan.
6. What is the focus of the โRunโ phase in CARTA?
The Run phase focuses on active threat detection and response. It relies on real-time analytics and machine learning to detect anomalies. Constant monitoring and activity tracking are essential to detect potential anomalous behavior, accelerating detection and response time to anticipate threats and attacks.
7. How do organizations integrate security into development using the โBuildโ phase?
The Build phase leverages the DevSecOps concept, integrating security from the beginning and throughout the entire software development process. This ensures that risk management extends beyond the company’s domain and considers the entire ecosystem. For example, this phase helps detect potential security risks in publicly available libraries before they are incorporated into production code.
8. What role does the โPlanโ phase play in the CARTA strategy?
The Plan phase is strategic. Business leaders, supported by security experts, must decide the level of risk they are willing to accept to take advantage of new IT opportunities, such as incorporating teleworking or migrating to the public cloud. This continuous assessment approach enables less risky decisions based on continually analyzing and assessing risk and trust.
9. How does CARTA utilize Artificial Intelligence (AI) and Machine Learning (ML)?
CARTA solutions apply Machine Learning (ML) techniques and AI layers to identify threats. This technology learns previously labeled traffic patterns to detect patterns generated by malicious software. Crucially, the AI layer can learn about new zero-day threats, continually adapting knowledge on new risks following the Continuous Adaptive security Assessment philosophy.
10. What specific security actions are taken when a compromised device is identified?
When a device infected with malware is detected, the system takes immediate action to isolate the compromised device. The goal is to prevent the spread of malware to other network elements, thereby avoiding the compromise of business activity and personal data.
11. How does the solution physically isolate compromised network nodes?
The solution dynamically modifies the network topology to isolate threat traffic. In an SD-WAN environment, the CloudWall service determines which network links to disconnect to isolate the compromised nodes. This information is communicated to the SD-WAN orchestrator (like Cloud Net Manager or CNM), which dynamically updates the configurations of the routers installed at the client site.
12. What are the main elements that make up the Teldat CARTA solution?
The Teldat CARTA solution is comprised of four key elements working together:
13. What is the specific function of be.Safe XDR in the continuous monitoring process?
The be.Safe XDR SaaS service processes traffic information using an AI/Machine Learning layer. It is a monitoring tool that specifically identifies compromised traffic and its point of origin. It is central to the “Run” phase, continually seeking to adapt knowledge on new risks.
14. How does the CARTA solution integrate with existing SD-WAN infrastructure?
The CloudWall service integrates directly with the SD-WAN orchestrator (CNM) via an API Rest interface. CloudWall accesses the network topology through CNM and then communicates topology changes back to CNM to initiate the isolation process. Because the customer’s network is an SD-WAN (Software Defined Network), the CNM orchestrator can dynamically modify the configurations of the routers to isolate the compromised nodes.
15. What are the core benefits of implementing CARTA security architecture?
By performing continuous cybersecurity evaluations and adapting to the environment, CARTA allows companies to minimize risks by reducing their impact or the probability of compromising existing systems. It ensures security evolves alongside threats, provides permanent monitoring, allows anticipation of threats, and enables rapid, contextual response through automatic learning and dynamic isolation.
