Automated Moving Target Defense

The Future of Security

AMTD is essential in the age of AI generated attacks. It delivers proactive cybersecurity against the ever evolving threat landscape.

SecureAccess SecureAccess


In the shadowy corners of the digital realm, a nefarious phenomenon has emerged, revolutionizing the landscape of cybercrime. Cybercrime-as-a-Service (CaaS) is an organized crime model that provides threat actors with unprecedented access to tools, AI expertise, and services to wreak havoc.

Despite massively expanding investment in cybersecurity, damage from cyberattacks continues to rise at an unprecedented rate, projected to reach over $10 trillion by 2025.

Attackers are using AI large language models to create smarter malware

ZTNA 2.0, SDP, and VPN architecture use fixed PoPs providing attackers with static sites that they can investigate for attacks.


Security Certificates that last months or years give attackers plenty of time to explore and attack

Trafic takes the same path through the network via static PoPs

Security Certificate

Millions of security alerts each day make it hard for Sec Ops teams to find the right needle in the needle stack!


zero trust security architecture zero trust security architecture


Automated Moving Target Defense (AMTD) is an evolution of MTD, which is based on the basic premise that “a moving target is harder to attack than a stationary one”. It involves the use of strategies for orchestrating movement or changes in various IT environment components and layers, across the attack surface, to increase uncertainty and complexity within a target system. - GARTNER TGI 2023


Cloudbrink PoPs are called FAST edges. They are Flexible, Autonomous, Smart, and Temporal. They only last as long as a user is connected and can be triggered to close and reappear elsewhere. This makes attacking FAST edges much harder than attacking a fixed infrastructure PoP.

Analyst Data Cloud Server [Converted] 01 Analyst Data Cloud Server [Converted] 01
3799985 01 3799985 01


Using rotational mutual TLS 1.3, security certificates with the Cloudbrink service only last a maximum of eight hours. Compared to other solutions that last 6 months to ten years, the attacker has virtually no time to use the certificate before it is invalid. Furthermore, this time can be reduced to minutes if required, and any security event can also trigger a certificate refresh.


When a user is on the Cloudbrink service, they are connected to three FAST edges. In turn, those FAST edges are connected to a network of other FAST edges. The user's individual sessions within an application take different routes that constantly change each time they use a particular app. There is no fixed route or even a fixed network provider where the data travels. Cloudbrink uses a large number of tier one, tier two and when needed, tire 3 operator networks.

10 01 01 10 01 01

Cloudbrink provides a High-Performance ZTNA service using zero trust principles based on mTLS 1.3 and it delivers advanced  Automated Moving Target Defense (MTD) by rotating security certificates, constantly moving PoPs, and changing network paths.

To avoid detection, modern attacks are "low and slow". By rotating certificates multiple times a day, these exploits that involve certificates are eliminated.

High Performance ZTNA (HAaaS), ZTNA and VPN Comparison

Branch user optimization
Hybrid user optimization
Multi-cloud connectivity
SaaS apps optimization
Software-only (minimal maintenance)
Single policy-definition (central control plane)
Single pane of glass visibility (aggregated visibility)
Granular control (per user per app)
SDP-compliant enterprise access
Automated Moving Target Defense

A Secure and Performant Remote Access Solution

The Brink App, FAST Edges, and Cloudbrink's connector software work together to provide a more secure and performant remote access solution than current VPN, SDP, ZTNA or ZTNA 2.0 offerings. The Brink App is powered by AI to overcome local Wi-Fi and broadband network challenges, while FAST Edges are automatically created close to the end user for maximum performance. This provides a high-performance, highly secure end-to-end connection to private apps or data sources.


Navy Rectangle
Navy Rectangle
Navy Rectangle

Cloudbrink's High-Performance  ZTNA Three Main Components

The Brink App, installed on end-user devices, leverages the power of AI to overcome any network challenges and guarantees an excellent quality of experience for the end-user, regardless of the network.

Enterprise access points called FAST (Flexible, Autonomous, Smart, Temporary) Edges are automatically created close to the end user enabling Cloudbrink to react rapidly to changes in demand, guaranteeing the highest possible performance. Cloudbrink can automatically scale thousands of FAST Edges. By contrast, traditional vendors typically provide only 100-200 PoPs at most. These edges form a mesh to create the fastest possible route through the cloud on a per-session basis. In contrast, other ZTNA vendors typically provide only 100-200 PoPs at most.

If required, Cloudbrink's connector software can be deployed in the customer's cloud environment or data center to provide a secure end-to-end connection to private apps or data sources.

Cloudbrink's High-Performance ZTNA is a software-only solution that uses pre-emptive and accelerated packet recovery to minimize the impact of network issues. The zero trust network architecture with AMTD combines packet recovery with FAST edges to minimize latency.

Cloudbrink Zero Trust Architecture

Cloudbrink accelerates performance by up to 30x Cloudbrink accelerates performance by up to 30x

“We were being pressured to go with Zscalar for the remote users, however the Cloudbrink zero trust access solution not only solved upgrading our current VPN environment but also improved our users' experience which is a win/win”.

Financial Services


our video or read the white paper



get your guide to hybrid work



a demonstration