Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

Working Group

Software-Defined Perimeter

This group is working to validate and protect the devices and connections on a network.
Software-Defined Perimeter Zero Trust Charter
Software-Defined Perimeter Zero Trust Charter

Download

Software-Defined Perimeter
The Software-Defined Perimeter (SDP) Working Group is no longer active. The SDP Working Group has been folded into the Zero Trust Working Group. The security industry has embraced the architectural goals and objectives of SDP while also expanding and elaborating on the goals and principles of Zero Trust to expand beyond the scope of SDP. We invite you to join the Zero Trust Working Group.

Working Group Overview

This group works to validate and protect the devices and connections on a network. The topics of group discourse are benefits, architectural references, and implementation of a zero trust architecture. In particular, we will use the SDP protocol as a reference to obtain zero trust.

What do we discuss?

During our meetings, we typically discuss changes in the industry and collaborate on projects the group is currently working on. We welcome anyone who would like to join, even if you would like to just listen in on any calls.


Drafts & Important Docs

Working Group Leadership

Bob Flores
Bob Flores

Bob Flores

Co-founder and Partner at Cognitio

Bob Flores is a co-founder and partner of Cognitio. Prior to this, Bob spent 31 years at the Central Intelligence Agency. While at CIA, Bob held various positions in the Directorate of Intelligence, Directorate of Support, and the National Clandestine Service. Toward the end of his career at the CIA, Bob spent three years as the CIA’s Chief Technology Officer where he wa...

Read more

Jason Garbis
Jason Garbis

Jason Garbis

Founder and Principal at Numberline Security

Jason Garbis is Founder and Principal at Numberline Security, a consulting firm helping enterprises prepare for, define, and execute on effective Zero Trust security strategies. Jason has authored several books, including Zero Trust Security: An Enterprise Guide, is co-chair of the Zero Trust Working Group at the Cloud Security Alliance, and is a frequent speaker at industry conferences. Jason holds a CISSP certification, has a BS in Comput...

Read more

Junaid Islam
Junaid Islam

Junaid Islam

Secure Communications Expert

Junaid Islam is the CTO and founder of Vidder which provides distributed access control solutions to Fortune 500 companies. Prior to founding Vidder, Junaid founded Bivio Networks which developed the first Gigabit speed software based securityin the industry. Earlier in his career Junaid helped create networking standards such as Frame Relay, ATM and MPLS while...

Read more

Erik Johnson
Erik Johnson

Erik Johnson

Cloud Security Specialist & Senior Research Analyst, CSA

Worked for the Federal Reserve for many years and volunteered with the CSA with a focus on CCM/CAIQ V4, specifically the STA domain, and developing a comprehensive framework and guidance for defining and managing the cloud shared security responsibility model (SSRM).

I recently retired from the Federal Reserve and am now consulting with the CSA as a Senior Research Analyst with a focus on Zero Trust and Financial Services.

Linke...

Read more

Publications in ReviewOpen Until
Context-Based Access Control for Zero TrustNov 27, 2024
Fully Homomorphic Encryption: A Comprehensive Guide for Cybersecurity ProfessionalsDec 06, 2024
AI Organizational Responsibilities: AI Tools and ApplicationsDec 08, 2024
Zero Trust Guidance for Small and Medium Size Businesses (SMBs)Dec 15, 2024
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Virtual Meetings

Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.

No scheduled meetings for this working group in the next 60 days.

See Full Calendar for this Working Group

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

Context-Based Access Control for Zero Trust

Open Until: 11/27/2024

The document "Context-Based Access Control for Zero Trust" provides guidance on implementing context-based access control (...

Fully Homomorphic Encryption: A Comprehensive Guide for Cybersecurity Professionals

Open Until: 12/06/2024

The document Fully Homomorphic Encryption: A Comprehensive Guide for Cybersecurity Professionals serves as an in-d...

AI Organizational Responsibilities: AI Tools and Applications

Open Until: 12/08/2024

The integration of LLMs and Generative AI introduces vital security considerations across development and deployment proces...

Zero Trust Guidance for Small and Medium Size Businesses (SMBs)

Open Until: 12/15/2024

In an increasingly digital world, small and medium-sized businesses (SMBs) are facing heightened security challenges, makin...