How do you prevent your hardware from containing any unintended loopholes or access points upon shipment?

If you think of data centers, they are wide open. There are huge vulnerabilities in physical infrastructure that people need to shore up. We have to amplify the traditional castle and moat approach and the whole zero trust concept. You have to just assume it's compromised, or assume it will be compromised. It's going to get copied. Those sandboxes are going to replicate. And what does it matter if it's your code or infrastructure—there's still access to things and people can do stuff. SolarWinds is a perfect example of that.

There's some basic stuff baked into the code that was then put right into the CIC pipeline but then everything starts pushing right back out. What's the root cause? I look at the basics of zero trust: it doesn't matter what it is, that node, that person, that access account, you don't trust it, and it’s going to have very specific parameters for what it can and can't do. Then you lock down.

How many more vectors are going to go out? If it's zero trust, that thing is never trusted. It has to register and then at least I can contain it. And so I think that concept is probably one thing that we've got to really embrace. You should even assume the source code will be compromised: Somebody gets access to someone's account that does something else in some manner that then does malicious stuff, adds things back in. So it is where it initiates that is the stuff that we need to secure the most. We need the AI aspect but we don't want an AI warning us all the time. We want an AI that has the cognitive ability to learn as they go and as new things roll out, it's execution is instantaneous.

We're doing the same basic stuff everybody else is doing as far as code testing. And we do basic apps security, penetration testing code reviews, we get someone to look at it and do background, etc., so I think everyone feels comfortable with the code itself. The issue is that we have such a narrow focus on whether the CI/CD pipeline is good. If you're just looking at that then what happens when you don't have any dev/prod segmentation or something? That's more the issue I see: "The code is great and we pushed it to dev and then it sat there. But the dev systems are not segmented from prod and now port 22 is open to the world because someone didn’t put a rule in to close it."