StealthPath started from first principles, with a wholistic Zero Trust endpoint approach grounded and built upon the tenets proposed in NIST 800-207. We leveraged the Zero Trust Capability and Maturity models developed by industry thought leader Clif Triplett, which extends NIST's processes to real-world functionalities required for a complete, robust systems defense architecture.

The Zero Trust Capability Model

Designed to provide a holistic framework for setting the correct rigor of an organization's cyber defenses against potential risk. The twelve functionally-defined, security-escalating levels are complementary and not necessarily sequential. Each addresses specific trust dimensions.

  • Connection Controls: visibility of entities access network information and assets.
  • Authentication and Authorization: validating (digitally fingerprinting) entity identities and defining approved connections.
  • Trusted Membership: ensuring that access is limited to authorized entities.
  • Content Control: validating payloads do not contain malware or corrupted information.
  • Behavioral control: leveraging AI, machine learning, or other pattern analysis tools to identify anomalous activity.
  • Independent Verification: use of separate systems to validate security rules.
  • Restricted functions: limitation of formats/commands to block potential exploits.
  • Obfuscation: technological concealment/masking of traffic patterns and other system behavior.
  • Component Control: tracking the complete provenance/history of systems software and components.
  • Tamper Proof: firmware/software integrity monitoring and control.
  • Isolation: the physical and logical separation of entities and solutions from unmediated external connections.

The Zero Trust Maturity Model

Following the principles of the Software Engineering Institute Capability Maturity Model, The Zero Trust Maturity Model divides an organization's cyber readiness into stages based on their ability to defend and respond to increasing levels of risk.

  • Ad Hoc: Security controls established with an assumed level of trust in the system entities [i.e., users, applications, hardware, software, networks, and devices.]
  • Restricted: Entity access to information assets is limited to those essential to performing their defined mission functionality.
  • Isolated: allowing no unchallenged privileges for external interfaces capable of accessing system functionality or the exportation or importation of system-related information.
  • Adaptive: Development and tracking of entity behavioral profiles with continuously evolving ruleset classifying actions as permitted or indicative of malintent.
  • Verified: Validation of system component history (origin, configuration, transportation, and support) combined with strict update controls and tamper/change detection.
  • Diversified: Mission functionality is delivered from multiple independent solution sets, with continuous comparison across distinct approaches.
close slider