SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
BackBox introduces Zero Trust Network Operations for improved security
Thu, 1st Feb 2024

BackBox, a key player in security-centric Automation for Network Teams, has announced a significant move towards enhancing network security by introducing Zero Trust Network Operations (ZTNO). The latest offering is a novel best practice framework equipped with six actionable pillars to automate cybersecurity considerations at the network layer for NetOps teams.

Crucially, BackBox's Network Automation Platform has been upgraded with improved Privileged Access Manager, Network Vulnerability Management, and Search, all in an attempt to simplify ZTNO for network teams.

This cutting-edge development comes as federal agencies and their contractors face a Zero Trust Architecture (ZTA) implementation mandate by September 2024. BackBox's ZTNO presents a timely, efficient, and comprehensive solution in this context. ZTNO reflects BackBox's ability to convert complex security requirements into actionable solutions. Importantly, this new product is aligned with the ZTA defined in NIST document 800-207 and effectively tackles essential NetOps challenges.

The ZTNO framework introduces six pillars; the initial two target network administrators, while the last four focus on network devices. Among other features, ZTNO ensures secure access by integrating different credential vaults and providing a secure API for whether accessing via API, WebURL, or CLI.

Beyond noting changes in an immutable log, privileges are centrally controlled at the BackBox server, ensuring all logins are audited and recorded. Before device onboarding, the configuration must be remediated via policy enforcement. Moreover, devices are evaluated for security risks and patched if susceptible to known vulnerabilities.

Josh Stephens, CTO of BackBox, explained that Zero Trust Network Operations (ZTNO) transforms the concept of zero trust into actionable steps. NetOps teams can use this framework to establish a Zero Trust NetOps environment that aligns with an organisation's overall Zero Trust Architecture. The goal is to maintain network security effectively without hindering the productivity of network engineers. 

Josh Stephens said, "ZTNO makes zero trust actionable; NetOps teams can follow the framework to create a Zero Trust NetOps environment that complements an organisation's Zero Trust Architecture. It ensures the network remains secure without limiting a network engineer's ability to get things done."

The ZTNO framework is distinguished by its rapid time-to-value use cases, including privileged access management, continuous compliance on discovery, and vulnerability management and mitigation. Integration with a broad array of network and security devices, no-code automation eliminating the need for a developer skillset to implement zero trust, and an API-first approach make ZTNO particularly unique.

Andrew Kahl, CEO of BackBox, highlighted the significant progress in network security with the introduction of Zero Trust Network Operations (ZTNO). He remarked, "Our introduction of Zero Trust Network Operations (ZTNO) marks a significant advancement in network security. It stands as a testament to BackBox's leadership and innovation in network automation, aligning NetOps with Zero Trust principles in a user-friendly, efficient, and comprehensive manner."