Automated Moving Target Defense
The Future of Security
AMTD is essential in the age of AI generated attacks. It delivers proactive cybersecurity against the ever evolving threat landscape.
THE CHALLENGES
In the shadowy corners of the digital realm, a nefarious phenomenon has emerged, revolutionizing the landscape of cybercrime. Cybercrime-as-a-Service (CaaS) is an organized crime model that provides threat actors with unprecedented access to tools, AI expertise, and services to wreak havoc.
Despite massively expanding investment in cybersecurity, damage from cyberattacks continues to rise at an unprecedented rate, projected to reach over $10 trillion by 2025.
Attackers are using AI large language models to create smarter malware
ZTNA 2.0, SDP, and VPN architecture use fixed PoPs providing attackers with static sites that they can investigate for attacks.
Security Certificates that last months or years give attackers plenty of time to explore and attack
Trafic takes the same path through the network via static PoPs
Millions of security alerts each day make it hard for Sec Ops teams to find the right needle in the needle stack!
ENTER AUTOMATED MOVING TARGET DEFENSE FOR ZTNA
WHAT IS AMTD?
Automated Moving Target Defense (AMTD) is an evolution of MTD, which is based on the basic premise that “a moving target is harder to attack than a stationary one”. It involves the use of strategies for orchestrating movement or changes in various IT environment components and layers, across the attack surface, to increase uncertainty and complexity within a target system. - GARTNER TGI 2023
MOVING POPS
Cloudbrink PoPs are called FAST edges. They are Flexible, Autonomous, Smart, and Temporal. They only last as long as a user is connected and can be triggered to close and reappear elsewhere. This makes attacking FAST edges much harder than attacking a fixed infrastructure PoP.
![Analyst Data Cloud Server [Converted] 01](https://cloudbrink.com/wp-content/uploads/2022/11/Analyst_data_cloud_server-Converted-01.png)
SHORT LIFE CERTIFICATES
Using rotational mutual TLS 1.3, security certificates with the Cloudbrink service only last a maximum of eight hours. Compared to other solutions that last 6 months to ten years, the attacker has virtually no time to use the certificate before it is invalid. Furthermore, this time can be reduced to minutes if required, and any security event can also trigger a certificate refresh.
MULTIPLE PATHS | MULTIPLE CONNECTIONS
When a user is on the Cloudbrink service, they are connected to three FAST edges. In turn, those FAST edges are connected to a network of other FAST edges. The user's individual sessions within an application take different routes that constantly change each time they use a particular app. There is no fixed route or even a fixed network provider where the data travels. Cloudbrink uses a large number of tier one, tier two and when needed, tire 3 operator networks.
Cloudbrink provides a High-Performance ZTNA service using zero trust principles based on mTLS 1.3 and it delivers advanced Automated Moving Target Defense (MTD) by rotating security certificates, constantly moving PoPs, and changing network paths.
To avoid detection, modern attacks are "low and slow". By rotating certificates multiple times a day, these exploits that involve certificates are eliminated.
High Performance ZTNA (HAaaS), ZTNA and VPN Comparison
| Cloudbrink | ZTNA | VPN | |
|---|---|---|---|
| Branch user optimization | |||
| Hybrid user optimization | |||
| Multi-cloud connectivity | |||
| SaaS apps optimization | |||
| Software-only (minimal maintenance) | |||
| Single policy-definition (central control plane) | |||
| Single pane of glass visibility (aggregated visibility) | |||
| Granular control (per user per app) | |||
| SDP-compliant enterprise access | |||
| Automated Moving Target Defense |
A Secure and Performant Remote Access Solution
The Brink App, FAST Edges, and Cloudbrink's connector software work together to provide a more secure and performant remote access solution than current VPN, SDP, ZTNA or ZTNA 2.0 offerings. The Brink App is powered by AI to overcome local Wi-Fi and broadband network challenges, while FAST Edges are automatically created close to the end user for maximum performance. This provides a high-performance, highly secure end-to-end connection to private apps or data sources.
Cloudbrink's High-Performance ZTNA Three Main Components
The Brink App, installed on end-user devices, leverages the power of AI to overcome any network challenges and guarantees an excellent quality of experience for the end-user, regardless of the network.
Enterprise access points called FAST (Flexible, Autonomous, Smart, Temporary) Edges are automatically created close to the end user enabling Cloudbrink to react rapidly to changes in demand, guaranteeing the highest possible performance. Cloudbrink can automatically scale thousands of FAST Edges. By contrast, traditional vendors typically provide only 100-200 PoPs at most. These edges form a mesh to create the fastest possible route through the cloud on a per-session basis. In contrast, other ZTNA vendors typically provide only 100-200 PoPs at most.
If required, Cloudbrink's connector software can be deployed in the customer's cloud environment or data center to provide a secure end-to-end connection to private apps or data sources.
Cloudbrink's High-Performance ZTNA is a software-only solution that uses pre-emptive and accelerated packet recovery to minimize the impact of network issues. The zero trust network architecture with AMTD combines packet recovery with FAST edges to minimize latency.
Cloudbrink Zero Trust Architecture
