Every day there are new stories about major security breaches and an ever-increasing number of attacks on government and commercial enterprises. And while companies continue to compound complexity by deploying security tools upon security tools, they are starting to focus on understanding their risk profile in an effort to identify and protect their most critical infrastructure and assets.
And help is on the horizon. New “connection-based” approaches rooted at the application layer, proven to be 100% impenetrable, are being deployed by large government and commercial enterprises.
One solution with the most promise is the new reference architecture adopted by the Cloud Security Alliance and its members three years ago. Software Defined Perimeter (SDP) is highly scalable and is becoming core to a new security and risk management paradigm that allows you to hide or cloak infrastructure by allowing access only to legitimate users. SDP is connection-based and establishes an undetectable application infrastructure that is effectively an invisible or “black cloud” that shows no domain name system (DNS) information or IP addresses.
Successful reference implementations of SDP have been deployed by leading enterprises such as Coca-Cola, Mazda, Google, and the DHS, who have enormous financial and reputational interests in preventing and removing the risk of being impacted by attacks.
SDPs continue to be tested in organized industry “hack-a-thons” (such as RSA) with an estimated 10 billion attempts to date – all unsuccessful.
The industry's first open source reference implementation of SDP was developed by Waverley Labs and is now available to the public. The reference architecture and repository can be accessed and downloaded here.
For more information, check out this white paper on Software Defined Perimeters.