Membership
Join as a Business
Cloud Customers
Cloud Solution Providers
SaaS Solution Providers
CxO Initiative
Contact Us
Current Business Members
Cloud Customers
Cloud Solution Providers
Join as an Individual
Regional Chapters
Circle Community Forum
Research Working Groups
STAR Program
STAR Registry
STAR Home
Submit to Registry
Provide Feedback
What is the STAR Registry?
Learn how to stay compliant in the cloud.
CCAK Training
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
GDPR Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
CSA Approved STAR Assessment Firms
Certificates & Training
Events
Learn and network while you earn CPE credits.
Events
Virtual Events & Webinars
Certificates & Training
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Train my entire team
Training Instructors
Become an Instructor
Training Partners
Become a Training Partner
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
CxO Initiative
CloudBytes Webinars
Awards & Recognition
Ron Knode Awards
Research Fellows
Industry Specific Research
Financial Services
Healthcare
Getting Started with CSA Research
Best practices for cloud security
Assess your compliance to cloud standards
Security questionnaire for vendors
The top threats to cloud computing
View more
Architectures and Components
Enterprise Architecture
Hybrid Cloud Security
Emerging Technologies
Blockchain/Distributed Ledger
Internet of Things (IoT)
Quantum-safe Security
Securing DevOps
Application Containers and Microservices
DevSecOps
Serverless
Security Services
Enterprise Resource Planning
Cloud Key Management
Security as a Service
Zero Trust
Threat Intelligence
Incident Response
Top Threats
View all working groups

SDP and Zero Trust

Latest ResearchJoin Group
Software-Defined Perimeter (SDP) and Zero Trust
Software-Defined Perimeter (SDP) and Zero Trust

Download

Research Home
View Working Groups
Contribute
Download Publications
Join this working group
Home
Research
Working Groups
SDP and Zero Trust
What is Zero Trust? Essentially, Zero Trust is a network security concept centered on the belief that organizations should not automatically trust anything inside or outside traditional perimeters and aims to defend enterprise assets. Implementing Zero Trust requires the verification of anything and everything that tries to connect to assets before granting access and the continued evaluation of sessions during the entire duration of the connection. 

What is SDP? Software Defined Perimeter (SDP) provides an integrated security architecture that is otherwise hard to achieve with existing security point products, such as NAC or anti-malware. It is designed to leverage proven, standards-based components, such as data encryption; remote attestation, mutual transport layer security, Security Assertion Markup Language (SAML) and X.509 certificates. Incorporating these and other standards-based technologies ensures that SDP can be integrated with an organization’s existing security systems. 

How are Zero Trust and SDP related? SDP can be used to implement zero trust networks. Since SDP is agnostic of the underlying IP-based infrastructure and hones in on securing all connections using said infrastructure - it is the optimal architecture for achieving zero trust. You can learn how you can use SDP-based zero trust to thwart ransomware attacks in this webinar.

How other organizations are using SDP
Companies like Coca-cola are implementing SDP research into their vending machines, and Mazda is using SDP for their connected vehicles. Building Intelligence Inc. uses SDP in their access points for visitors, loading docks, and freight entrances to prevent terrorist attacks and theft. 

Software Defined PerimeterZero Trust

This group is working to validate and protect the devices and connections on a network. The topics of group discourse are benefits, architectural references, and implementation of the SDP protocol.

Join Group

Next Meeting

No Meetings Currently Scheduled


Working Group Leadership

Jason Garbis Headshot
Jason Garbis
Jason Garbis

Jason Garbis is Senior Vice President of Products at Appgate, a leading provider of cloud- and hybrid-ready Zero Trust security products and services. At Appgate, he's responsible for the company's security product strategy and product management. He has over 30 years of product management, engineering, and consulting experience at security and technology firms. He is also co-chair of the Software Defined Perimeter (SDP) Work...

Read more

Junaid Islam Headshot
Junaid Islam
Junaid Islam

Founder and CTO of Vidder

Junaid Islam is the CTO and founder of Vidder which provides distributed access control solutions to Fortune 500 companies. Prior to founding Vidder, Junaid founded Bivio Networks which developed the first Gigabit speed software based securityin the industry. Earlier in his career Junaid helped create networking standards such as Frame Relay, ATM and MPLS while at StrataCom and Cisco.

In addition to his work in th...

Read more

Bob Flores Headshot
Bob Flores
Bob Flores

Bob Flores is a co-founder and partner of Cognitio. Prior to this, Bob spent 31 years at the Central Intelligence Agency. While at CIA, Bob held various positions in the Directorate of Intelligence, Directorate of Support, and the National Clandestine Service. Toward the end of his career at the CIA, Bob spent three years as the CIA’s Chief Technology Officer where he wa...

Read more

Juanita Koilpillai Headshot
Juanita Koilpillai
Juanita Koilpillai

Founder & CEO of Waverley Labs

Juanita Koilpillai is Founder and CEO of Waverley Labs, a pioneer in software defined perimeters (SDP) and digital risk reduction solutions. She has 30 years’ experience researching and developing systems in computer security, network management and real-time distributed software. She leads the open source software-defined perimeter (SDP) effort for ‘black’ apps in the cloud with the Cloud Security Alliance and is an active contributor to N...

Read more

Join this working group

Cloud Security Research for Zero Trust

CSA Research crowd-sources the knowledge and expertise of security experts and helps address the challenges and needs they’ve experienced, or seen others experience, within the cybersecurity field. Each publication is vendor-neutral and follows the peer review process outlined in the CSA Research Lifecycle. We recommend getting started by reading the following documents.

Software-Defined Perimeter (SDP) and Zero Trust

Software-Defined Perimeter (SDP) and Zero Trust

A Zero Trust implementation using Software-Defined Perimeter enables organizations to defend new variations of old attack methods that are constantly surfacing in existing network and infrastructure perimeter-centric networking models. Implementing SDP improves the security posture of businesses facing the challenge of continuously adapting to expanding attack surfaces that are increasingly more complex. This paper will show how SDP can be used to implement ZTNs and why SDP is applied to network connectivity, meaning it is agnostic of the underlying IP-based infrastructure and hones in on securing all connections using said infrastructure - it is the best architecture for achieving Zero Trust.

Access this publication
Software Defined Perimeter (SDP) Architecture Guide

Software Defined Perimeter (SDP) Architecture Guide

This architecture guide leverages proven, standards-based components to stop network attacks against application infrastructure. This guide will help enterprises and practitioners understand the economic and technical benefits SDP can provide. It also assists users in implementing SDP in their organizations successfully. After reading this guide you will understand how SDP can be used in different environments, and be able to successfully deploy SDP solutions based on the architecture recommendations.

Access this guide
Software-Defined Perimeter as a DDoS Prevention Mechanism

Software-Defined Perimeter as a DDoS Prevention Mechanism

Learn how to use SDP as a tool to prevent DDoS attacks. In this document we demonstrate its efficiency and effectiveness against several well known attacks, including HTTP Flood, TCP SYN, and UDP Reflection. The primary target audience for this document are people in security, enterprise architecture, and compliance roles within enterprises. These stakeholders will be largely for the evaluation, design, deployment, or operation of DDoS prevention solutions within their enterprise.

Access this publication
View All Research

Zero Trust Architecture Expert Group

Contribute to the development of an 8 hour training course focused on Zero Trust. Expert volunteers will help review and advise on the scope, curriculum, objectives, structure, go-to-market strategy and value proposition for the training. 
To learn more about the experience required to join this group, expected timeline, and project overview download the group charter

Webinars & Resources

Using SDP-based Zero Trust to Thwart Ransomware Attacks

Using SDP-based Zero Trust to Thwart Ransomware Attacks

Ransomware attacks have continued to increase and have become a major risk for both private and public enterprises. This session will provide an overview of ransomware attacks and the utilization of a SDP-based Zero Trust Architecture as an effective countermeasure.

Watch now
Software Defined Perimeter Architecture Guide

Software Defined Perimeter Architecture Guide

SDP combines well-proven technical and architectural components to protect networked applications and infrastructure, more efficiently and effectively than with traditional network security tools. This webinar explains SDP and it’s benefits, as well as provides a preview of the architecture guide

Watch now
SDP – The Yellow Brick Road to Zero Trust

SDP – The Yellow Brick Road to Zero Trust

In this webinar, you’ll learn how a Zero Trust implementation using SDP is applied to network connectivity, meaning it is agnostic of the underlying untrusted IP-based infrastructure, and hones in on securing connections. The webinar will delve into the steps to implement SDP and facilitate organizations to defend from new variations of old attack methods that are constantly surfacing in existing perimeter-centric networking and infrastructure models.

Watch now

Blog Posts

Three Network Weaknesses that Zero Trust Addresses
Read Now
How SDP Can Be Used to Thwart DDoS Attacks
Read Now
How to choose a Zero Trust architecture: SDP or Reverse-Proxy?
Read Now

Press Coverage

Article TitleSourceDate
Choosing ZTNA vendors amid zero-trust confusionTechTargetOctober 27, 2020
Understanding the zero trust-SDP relationshipTechTargetOctober 29, 2020
Malicious SharePoint and OneDrive links are a phishing scammer’s dreamSC MagazineOctober 22, 2020
Definition: software-defined perimeter (SDP)SearchCloudSecurityNovember 13, 2020
Implementing an SDP architecture for added network securityTech TargetNovember 20, 2020
Volunteer to develop a new zero trust training course