It's a bit strange to post this here without context. BeyondCorp is essentially the same as Zero Trust if I am not mistaken https://en.wikipedia.org/wiki/Zero_trust_security_model

Open Source applications include:

- https://landing.openziti.io/

- https://www.ory.sh/oathkeeper/

Any other important projects I am missing?

Am I crazy or is there nothing here? I see an abstract, a link to some unrelated search, “research areas” (another unrelated link) then a footer with a link to their team. Where do I actually read about beyondcorp?

BeyondCorp is such a great idea! I wish it were easier to implement from other companies.

From 2014, so I guess posted as anniversary reminder?

When I was a network guy I used to argue more in favor of letting everything we could over the internet. it was cheaper than the various private circuits, and more reliable than VPNs.

Then when I started programming I realized we can’t trust programmers to do anything safely. And I wanted to airgap everything, but ofcourse that’s ridiculous.

So while we should assume all endpoints are open to the internet, I don’t think we should actually let them be. That would be madness.

does anyone expect every printer and network managed light fixture to stay up to date and vulnerability free? Even if it does, do we trust the vendors to not start spying on their customers?

I suspect this was mostly about selling the enterprise on saas/the cloud/google office. And it worked.

Link to paper: https://www.usenix.org/system/files/login/articles/login_dec...

(2014)

Zero Trust before it became buzzword-ized!

Silly name, with common sense concepts!

A lot of people wrongly believe this means no firewall. If you don't use firewalls (yes, even for web traffic and SaaS, limit who can access your stuff), you are doing something wrong.

[flagged]