A practical path to real world Zero Trust implementation

“StealthPath’s model will save us two years in our mandated move to Zero Trust” – US Department of Defense organization

Zero Trust Model

The Zero Trust Capability and Maturity Model (ZTCMM) provides a comprehensive manager's and practitioner's blueprint for zero trust assessment and implementation. Our model is a bridge between the massive detail of NIST 800-53 Security & Privacy Controls and the high-level philosophy and approach of NIST 800-207 Zero Trust Architecture. It provides a set of holistic controls designed to guide a phased adoption and effective implementation path of zero trust practices across an organization's entire enterprise or environment of interest. Our clients can navigate to a zero-trust posture with the ZTCMM as a roadmap and metrics framework. By enhancing their situational awareness, they build the capability to detect and contain malicious traffic that would elude traditional cybersecurity protections. As a holistic approach, ZTCMM addresses the danger of an ad hoc, patchwork approach that inevitably leaves significant gaps and vulnerabilities.

The ZTCMM is vendor-agnostic because a comprehensive zero trust implementation strategy requires more than one product. The optimal approach most likely combines multiple software and hardware products, along with risk-based policies and processes.

There are four levels of offering:

ORGANIZATIONAL READINESS

Getting started is often the hardest part. Zero trust is a transformational approach, ultimately touching every aspect of your approach to identification, authorization, and monitoring network behavior. It is a people challenge as well as a technical one. You need to align both.

StealthPath helps companies build a foundation for success in key areas:

  • Training
  • Governance
  • Risk Model
  • SWOT Analysis

ZT TRANSFORMATION MENTORING

StealthPath’s subject matter experts provide real world experience in moving toward a new zero trust environment:

  • Identifying critical assets
  • Documenting available resources
  • Prioritizing initiatives
  • Establishing a transformational roadmap

ORGANIZATIONAL ALIGNMENT

  • Objectives
  • Business case
  • Metrics
  • Communication Plan
  • Change Management

ZERO TRUST EVOLUTION

  • Requirement definition
  • Architectural Assessment
  • Program Management

Staged Adoption Path

While there are significant commonalities among companies seeking to move to zero trust, every one is different. There is neither a uniform starting point nor a common destination. Implementing security is always a trade-off between protection and convenience. StealthPath builds products that are designed for flexible implementation within an approach grounded in step-by-step, risk-justified adoption.

The journey to zero trust has multiple stages:

PREPARATION

Success of any transformation depends on organizational knowledge and commitment. Even flawed legacy approaches have a lot of organizational inertia. People are accustomed to doing their job the way they have always done it. Anything that disrupts that is going to meet some level of resistance. It is important to start with top level commitment and broad understanding of what is driving the move to zero trust.

StealthPath’s training and consulting services, based on our proprietary Zero Trust Capability Model, are designed to build the knowledge and buy-in required for success.

INVENTORY

Identification of every user and asset on your network is fundamental to creating a zero trust environment. Each entity must be documented and associated with a range of independent digital fingerprints to ensure that actions can be continuously monitored and highly specific access and behavioral rules enabled.

StealthPath’s ZAware is the key component in providing this functionality.

POLICY DEVELOPMENT

Arguably the most challenging part of a zero trust environment is creating the ruleset that controls entity interactions. Doing this requires a deep understanding of what is necessary for effective system functionality, and what events may indicate a potential breach.

StealthPath’s analysis capabilities, combined with enterprise expertise through the intuitive ZAlert console, enable organizations to build and test their policies over time and, through ZProtect, to integrate them with leading third-party firewall or SIEM solutions.

CONTINUOUS SITUATIONAL AWARENESS

It doesn’t take long for a cyber exploit to burrow into your network. The damage it does is likely to be intermittent and unpredictable. StealthPath’s always-on monitoring solutions are designed to provide real-time or near real-time insight into what is happening on your networks. The challenge is identifying singular hostile actions amid the complexity of nominal interactions.

ADVANCED ANALYSIS

Using AI capabilities, StealthPath leverages a broad set of unique identifiers to track and analyze the activity of every asset.

  • Every connection and every transaction establishes an event which is collected, analyzed and correlated to a unique pattern of behavior between endpoints
  • Using AI… we identify outliers… moving away from the simple approach of white/blacklisting which can often be compromised through stolen credentials
  • All endpoint behaviors are characterized to assess events against norms to identify anomalies
  • Anomalies can be pinpointed to a specific device, time and even the transaction

RAPID RESPONSE

ZEnforce creates policy enforcement rules that can be implemented in leading SIEM/firewall/network switch solutions.

FULL POLICY ENFORCEMENT

StealthPath’s multi-patented ZEnforce capability is a key component of our internal cybersecurity platform. It is planned for release as a commercial project in 2023.

Behavioral Configuration Management

Behavioral Configuration Management leverages artificial intelligence (AI) and human feedback to evolve rules for expected behavior and anomaly response within a continuously monitored environment, without any change to legacy environments.

StealthPath’s approach extends beyond traditional configuration management policies, building and applying rules that may reveal hidden threats.

  • Provides benefits well beyond traditional CMDBs by cataloging the behaviors between any two entities
  • Can be utilized for operations, security or both
  • Provides operations and security event detection and visibility at a granularity superior to other solutions
  • Implementation requires no agent software to be installed, reducing virtually all risk
  • Can be implemented isolated from the internet or leverage cloud services
  • Enabler for gaining Continuous Monitoring (CM) Authorization to Operate (ATO) with Zero Trust

By monitoring the behaviors of every device and connection, we ensure compliance at the fundamental level of granularity. Over time, a deep historical perspective is achieved based on a wide variety of interaction dimensions, including:

  • Frequency of communications
  • Source location
  • Timing
  • Typical payload size
  • Typical transaction kinds and groupings
  • Associations with other atypical actions

The end result is the ability to look beyond the surface of interactions to identify potential anomalies and outliers that would not be detected by other means.