Open Source Software Defined Perimeter


Our open source software defined perimeter (SDP) serves as the basis for our free and open Black Cloud platform.

Create your Black Cloud on premise or in a public or private cloud, DMZ, server in a data center, or inside an application server.

It combines security components previously not integrated: 1) SPA 2) mTLS 3) Device Validation 4) Dynamic Firewalls and 5) Application Binding

Waverley Labs then worked closely with CSA and DHS to develop the industry’s first Open Source reference implementation for version 1 specification for DDoS.


  • Hackers can’t attack what they can’t see
  • Make your critical infrastructure & applications invisible
  • Move or wrap them within your own SDP
  • No visible DNS information nor IP addresses
  • SDP connectivity based on need-to-know access model
  • Control plane is separate from the data plane
  • Device posture & identity verified before access granted
  • SDP cryptographically signs clients into the perimeter
  • Cloud Security Alliance created SDP for its members
  • Withstood 10-billion attempts at 4 annual “hack-a-thons”
  • DHS contracted Waverley Labs to make open source SDP
  • Follows NIST cyber security guidelines
  • Ideal for BYOD, clouds, IoT & cyber physical systems

Federal organizations, critical infrastructure providers, and businesses that rely on cloud delivery are able use these open source software releases to develop cloud services that are resistant to DDoS attacks and more:

  • One SDP prevents DDoS attacks, vulnerable code exploits, credential theft, man-in-the-middle, OWASP Top 10 & more
  • Removing access to business applications on the internet is reducing attacks
  • Open Source SDP is cheaper, faster, easier to create & manage
  • Following use cases shared in open source community:
    • Coca Cola – Users’ access limited to a single connection to each authorized application – eliminating malware and information theft
    • Coca Cola – removing VPN and 2-Factor AuthN has improved user experience
    • Google – Enabled BYOD and reduced the number of company purchased laptops
    • Mazda – easy to isolate unauthorized users/devices