“Black Clouds” Being Proven to Effectively Prevent DDoS Attacks on Large Commercial and Government Organizations


WASHINGTON, D.C. – April 6, 2016 — Waverley Labs, a pioneer in software defined perimeters (SDP) and digital risk management solutions, today announced that it will be presenting at QTS Realty Trust (NYSE: QTS) Information Security & Compliance Forum (ISCF) on April 20, 2016 at Willard Hotel in Washington, D.C.

QTS is an international provider of data center, managed hosting and cloud services. The third annual ISCF event will bring together IT thought leaders to provide an insider’s perspective on the latest cybersecurity trends and top compliance issues facing enterprises and government organizations. The day will feature keynote speakers and interactive panel discussions, followed by an evening reception and book signing.

Juanita Koilpillai, Founder & CEO of Waverley Labs, and President of the Digital Risk Management Institute, will participate in the “Next Generation Solutions Showcase.” Koilpillai will present the Software Defined Perimeter (SDP) as an emerging threat prevention solution — particularly effective in preventing network-based attacks such as large and sophisticated Distributed Denial of Service (DDoS) attacks that continue to increase in frequency and severity.

SDP is core to a new security and risk management paradigm that establishes an undetectable application infrastructure often referred to as a “Black Cloud.” The primary effect of the SDP is that it transforms the application infrastructure into an effectively invisible or “black cloud” that shows no domain name system (DNS) information or IP addresses.

How it works for DDoS

Today’s anti-DDoS solutions are dealt with at layer3 and layer4 of the network stack using various packet filtering and load-balancing techniques. These solutions deny access to packets including legitimate ones thereby denying access to legitimate business transactions. This greatly impacts normal business operations and increases the risk of exposing the business to failures originating in these attacks.

SDP can be used to mitigate bandwidth DDoS attacks by denying bad packets and allowing legitimate traffic. The SDP Gateways (and Controllers) know what packets are legitimate. This information can be used to send block requests upstream to deal with DDoS attacks at scale. This allows legitimate packets to be allowed and normal business operations to continue despite being under a DDoS attack. This capability also allows a trace back feature that makes attribution easier.

SDPs are being proven by leading enterprises such as Coca-Cola and Mazda, and in the public sector by the DHS, who have enormous financial and reputation interests in preventing and removing the risk of being impacted by DDoS attacks. SDPs continue to be tested in organized industry “hack-a-thons” (such as RSA) with an estimated 10 billion attempts to date – all unsuccessful.

“We are pleased to present the software defined perimeter to such a prestigious group,” Koilpillai said. “It is important for them know that for the first time ever, SDPs combine and integrate on-device authentication, identity-based access, and dynamically provisioned connectivity to hide critical applications from hackers. The SDP is particularly relevant for DDoS as they are able to prevent the attack and not disrupt IT operations and network access since all legitimate users continue to be authenticated and allowed access. SDP can be used in government applications, such as enabling secure access to FedRAMP-certified cloud networks, as well as enterprise applications such as enabling secure mobile phone access to public clouds.”

Other ISCF speakers and participants include Timothy G. Brown, Dell Fellow and CTO, Dell Security, Jeff Moss, an American hacker and internet security expert who founded the BlackHat and DEFCON, Paul Grassi, Senior Standards and Technology Advisor, National Institute of Standards and Technology (NIST), Michael C. Theis, Chief Counterintelligence Expert and Senior Member, CERT Insider Threat, Carnegie Mellon University, Richard Stiennon, Chief Research Analyst, IT-Harvest, and recognized security expert, Matt Goodrich, Director, FedRAMP, Simon Crosby, CTO, Bromium, Inc., and Marvin Wheeler, President, Cybraics.

For more information about SDPs and to attend the ISCF event, register at this link.

About QTS
QTS Realty Trust, Inc. (NYSE: QTS) is a leading provider of secure, compliant data center solutions, hybrid cloud and fully managed services. QTS’ integrated technology service platform of custom data center (C1), colocation (C2) and cloud and managed services (C3) provides flexible, scalable, secure IT solutions for web and IT applications. QTS’ Critical Facilities Management (CFM) provides increased efficiency and greater performance for third-party data center owners and operators. QTS owns, operates or manages 24 data centers and supports more than 1,000 customers in North America, Europe and Asia Pacific. For more information, please visit www.qtsdatacenters.com, call toll-free 877.QTS.DATA or follow us on Twitter @DataCenters_QTS.

About Waverley Labs
Waverley Labs is a leading provider of digital risk management software and services that helps large organizations reduce their exposure to digital risk. Its products and services range from the industry’s first open source software defined perimeters (SDPs) for large federal agencies, to the assessment, quantification, and mitigation of digital risk from the business perspective. Waverley Labs’ automated analysis and visualization capabilities provide business leaders, risk officers and CISOs with an at-a-glance view of business risks prioritized according to business impact and recommended risk mitigations. Waverley Labs works closely with NIST and the Cloud Security Alliance to provide thought leadership in digital risk management. For more information visit http:/www.waverleylabs.com.