With Zero Trust becoming one of the most talked-about cybersecurity trends today, Software-Defined Perimeter (SDP) should also be considered in this discussion. Using SDP in a Zero Trust implementation enables organizations to defend against new attack methods that are constantly surfacing in existing network models. Implementing SDP can improve the overall security posture of businesses facing challenges when adapting to expanding and increasingly distributed attack surfaces.
How does Software-Defined Perimeter relate to Zero Trust?
The CSA Zero Trust working group is embracing the industry's expanded scope of Zero Trust going forward and will continue to promote SDP as a recommended architecture for achieving Zero Trust benefits, particularly as part of the ZT Network Pillar. The CSA will continue to revise and elaborate on the SDP specification (now V2, published 3/22 and supported by the SDP Architecture Guide) to capture and codify the knowledge gained from past experience and new developments.
What are the benefits of Software-Defined Perimeter?
SDP provides the ability to hide assets, which enables a deny-all gateway until users and devices are proven. It also provides single packet authorization, which enables integrated controls for authentication and authorization. Additionally, it provides the ability to authenticate before access.
One of the main benefits of SDP is that it reduces the attack surface, which means enhanced protection for cloud applications. Reducing the attack surface gives more centralized control to system owners as well as increased visibility to all authorized connections. Another benefit is the reduction in the cost of ownership by lowering costs for endpoint prevention/detection and incident response while also reducing complexity for integrating controls.
|Resource|Date|
|---|---|
|Software-Defined Perimeter (SDP) Specification v2.0|March 11, 2022|
|Cloud Security Alliance Issues Expanded Specification for the Software-Defined Perimeter (SDP)|March 10, 2022|
|New SDP 2.0 specification facilitates zero-trust maturity|April 26, 2022|
|The History and Evolution of Zero Trust|July 11, 2022|
|The demise of the perimeter and the rise of the security platform.|October 17, 2022|