What is the secret history of secure web gateway? How did this tool come about and why did it gain traction? Find out below.
The Secret History of Secure Web Gateway: The Start
Secure web gateway (SWG) started when MITRE Corporation, a non-profit research and development company focused on solving hard problems, asked a question:
- What are the common characteristics of the most costly intrusions?
- What exact steps does a well-funded advanced persistent threat actor take to gain access to systems behind that defensive perimeter?
They asked this question because they had been tasked with helping the DoD with its overall network security posture. They looked at data across the entire Department of Defense and found that these costly intrusions were a pattern.
So, more specifically they found that they had common characteristics:
1. The intruders gained access to systems through a web gateway. There are many ways to do this but it is important to note that web gateway was the most common vector of attack.
2. After gaining access through a web gateway they proceeded to pivot around the network and steal data. They did this by compromising other machines on the network. And then using those compromised machines as jumping-off points into the rest of the network.
Moreover, the fundamental problem with web gateway is that it is usually not installed for security reasons. And therefore, no one has cared about hardening it or making it secure. Because it’s not supposed to be exposed to anyone but authorized users to protect assets from unauthorized users.
Thus, this is why there was no security software installed on the web gateway by default. No firewall, no antivirus, nothing because that would have slowed down web traffic. Otherwise, it affected normal operations, something that no one wanted.
The Secret History of Secure Web Gateway: The Popularity
Before, the focus on securing web gateway was simply about protecting assets from unauthorized users. Rather than about preventing intrusions. This is what we are focused on today. But this was an important first step in getting us there. Because it raised awareness amongst developers and system administrators that security software needed to be installed on the web gateway.
Then, when MITRE Corporation published its findings, a light bulb went off. And security professionals across the globe started thinking about how to harden web gateway. This led to a discussion about how to make it secure. And eventually, a quest to develop a software product with the sole purpose of protecting web gateway.
Then, they recognized the problem and saw how an advanced persistent threat (APT) actor could compromise a web gateway. This is to pivot around the network. So, to do this they wrote several scripts that simulated an attack by an APT actor.
In doing so, he found that the best way to secure a web gateway was to use a combination of hardware and software. Thus, SWG was born.
Conclusion
So, if you are a security professional and do not know about the secret history of secure web gateway, make sure you take some time to read up on it. We hope this article was helpful.