Waverley Labs Blog
What ever happened to the Agile ATO?
Nearly two years ago, Federal agencies began embracing a shift to agile development methodologies—releasing projects in stages to get user feedback and rectify bugs early in the process and continuing to iterate and improve over time. A key challenge however was the...
Can Kubernetes in an F-16 Warfighter Jet Be a Secure Environment?
Zero Trust does not equate to Zero Risk As part of its work on the Defense Department's Enterprise DevSecOps Initiative, the Air Force is increasingly deploying solutions like Kubernetes, the open-source platform for managing containerized workloads and...
DevOps environments becoming new target for attack
Software-defined perimeter (the most advanced zero trust implementation) shows promise. Kubertnetes, Red Hat OpenShift, are you listening? DevOps teams continue to increase use of virtualization – be it virtualizing[1] operating systems or containerizing[2]...
Zero Trust Orchestration – A New Cyber Security Paradigm
Zero Trust is a catchphrase that is growing in use and is employed by cyber security product and service vendors to promote their offerings. Zero Trust, as the concept implies, requires that users aren’t allowed any access to anything until they can prove who they...
DDoS Attacks Can Now be Stopped Dead in Their Botnet Tracks
Software Defined Perimeter’s deny-all approach protects IoT devices In 2016, a massive distributed denial of service (DDoS) attack left much of the internet inaccessible on the U.S. east coast. The attack, which authorities initially feared was the work of a hostile...
SDP provides resiliency to denial of service attacks
New research confirms effectiveness and importance Yet another distributed denial of service (DDoS) attack has been reported and this time was sustained for a full day. AWS’s mitigations not only absorbed the vast majority of attacks but also flagged...
The Truth About Zero Trust
In one of the biggest data breaches ever, a hacker gained access to more than 100 million Capital One customer accounts and credit card applications affecting 100 million people in the U.S. and 6 million people in Canada. According to Capital One, the breach was...
Zero Trust is a Strategy, Not a Solution
Software Defined Perimeter architecture mandatory to ensure truly secure environments TechTarget recently published a four-part E-Handbook: Can a zero trust approach fill the security perimeter void? The four article series outlines Forrester’s vision for Zero Trust...
Providing Zero Trust Orchestration for Critical & Emergency Services
Introducing the Dynamic AccessIDTM Network & Toolkit Zero Trust is a catchphrase that is growing in use and is employed by cybersecurity product and service vendors to promote their offerings. Zero Trust, as the concept implies, requires that users aren’t allowed...
Continuous Monitoring Requires a Triumvirate Approach To Be Truly Effective
Databank, a leading provider of enterprise-class data center, cloud, and connectivity services, recently published a blog How to Make Continuous Monitoring Part of Your Compliance and Security Strategy. It outlines how continuous controls monitoring (CCM) is a...