Appgate SDP
SDP Overview
Learn how Appgate SDP reduces risk and complexity, and why it's the industry's most comprehensive Zero Trust network access solution.
How Appgate SDP Works
Find out about the inner-workings of the most flexible and adaptable Zero Trust Network Access solution available today.
SDP Integrations
Explore security, IT and business-system integrations that can enhance and help you adapt Appgate SDP to your existing workflows
SDP for Developers
Access developer tools and resources to maximize the value of your Appgate SDP deployment.
Zero Trust Network Access for:
Risk-Based Authentication
Learn how Risk-Based Authentication provides a frictionless, intelligent and data-informed approach to user authentication.
Strong Authentication
Find out how you can provide secure, frictionless access with the right multi-factor authentication method.
Transaction Monitoring
Explore the tools you can use to intelligently identify and prevent online fraud.
Behavioral Biometrics Service
Learn how behavioral analysis and machine learning stop fraudulent online web activity in real-time.
Secure Consumer Access for:
Digital Threat Protection
Discover how you can gain unparalleled threat visibility and the risk management tools that enable early identification and elimination of potential attacks.
Key Features
Take a deep dive into the features and tools contained within our industry-leading Digital Threat Protection (DTP) solution.

George WilkesNovember 15, 2019

What Is Zero Trust?

The Zero Trust model has taken the industry by storm and redefined how organizations should approach cyber security. Having a grasp on what Zero Trust entails and understanding its importance, will ensure your are a step ahead of the rest.


The days of well-defined network perimeters, centralized IT, and offices are gone. The new reality is a digital enterprise landscape without perimeters in which customers, employees, and partners can connect from any location: a business that is everywhere. Outdated security models built on a trust but verify approach are no longer adequate and are, in fact, dangerous, easily exploited, and unnecessarily complex.

Zero Trust is a paradigm shift toward a never trust, extensively verify mindset — whether a user is privileged or not. According to Jason Garbis, Appgate VP of Products, and Co-Chair, Software-Defined Perimeter working group with the Cloud Security Alliance, “Zero Trust takes a different approach from traditional security — it never grants any type of access, either at a network or application layer — based on assumed trust. It requires that trust be earned through proactive device introspection, identity validation, and contextual analysis that is continuously re-evaluated using a contextual, risk-based approach”. The Zero Trust promise is based on three key security concepts:

  • Secure Access – Zero Trust requires an identity-centric approach to authentication. Rather than a simple yes or no to confirm user access based on whether the IP address has privileges, it is dependent on the contextual variables surrounding a user’s access request.

Take a look as Jason discusses the topic in-depth on stage at the 2019 CSA Summit.

  • Least Privilege – Once secure access is permitted to a user, the scope of that trust will continue to be limited. Users and devices are permitted to access only approved resources while everything else remains invisible and inaccessible.

With Optiv we discuss reducing attack surface and preventing lateral movement in this webinar.

  • VisibilityIn order to arm your analysts with timely and accurate data, your Zero Trust efforts should include the ability to view access request details for all North/South and East/West network traffic, empowering your SOC to make quick decisions for faster remediation and identify blind spots.

Understanding the Five Zero Trust Attack Surfaces

For those who prefer a visual, download our Zero Trust Infographic

Zero Trust protection can be evaluated across five typical attack surfaces:

  1. People Users are extensively verified by Zero Trust based on contextual variables, device security posture, and multi- factor authentication, only permitting conditional access to approved resources.
  2. Workloads The Zero Trust model requires making server ports invisible to prying eyes and further unifies privileged access to and between all heterogeneous environments, automating security to scale with workloads.
  3. Networks Zero Trust is able to limit access with network segmentation and confines lateral movement, keeping unauthorized resources invisible, across all environments. It ensures all access is trusted by continuously authenticating users and devices.
  4. Devices With a Zero Trust approach, networks are restricted entry by isolating BYOD and IoT devices to prevent lateral movement. For user devices, it neutralizes attacks and evaluates device security posture as criteria for secure access to workloads and data.
  5. Data Providing encrypted 1:1 tunnels to secure data flows, Zero Trust security limits and controls access to sensitive databases, and emulates data exfiltration techniques to unearth vulnerabilities before adversaries can take advantage.

Getting Started with Zero Trust

Zero Trust is a transformation of your security operations and supporting technology stack. The market today is ripe with vendors promising Zero Trust and a quick glance at the floor of any industry trade show, offers a first-hand view of the crowded nature of the cybersecurity marketplace.

We urge our customers to adopt a focused approach to Zero Trust, where priorities take precedent over pizazz. Our Zero Trust framework takes a straightforward approach that addresses critical flaws and complexity in today’s security organizations:

  • Reducing the Attack Surface
  • Securing Access to Critical Systems
  • Neutralizing Adversaries

Since significant advancements in IT has left security in the dust, it is natural to want to accelerate your journey to Zero Trust. The Appgate Software-Defined Perimeter, offers a better approach to Network Security to replace or augment legacy solutions incapable of achieving Zero Trust. If you are serious about Zero Trust, we invite you to explore Appgate SDP, take it for a Test Drive or schedule time with an expert.

Receive News and Updates From Appgate