Frequently asked questions
What if BastionZero is compromised?
If BastionZero’s cloud service is compromised, then the adversary’s options are limited. The adversary can drop messages as they traverse the cloud service, but they cannot execute commands or set up tunnels to the target. This follows because the adversary does not have a valid user account on the Identity Provider (SSO) associated with the target. The targets validate each access against the SSO, so if the SSO has not validated the access, the target will not accept the connection!
What if the user’s SSO is compromised?
Targets are still secure as long as the user’s independent MFA to the BastionZero cloud service is not compromised.
What if BastionZero and the user’s SSO are both compromised?
An adversary can compromise the system only if the BastionZero cloud service is compromised along with a valid user SSO. This scenario is improbable because it means the adversary has compromised multiple independent systems: BastionZero’s cloud service AND the SSO. This increase in attack complexity is the desirable consequence of our MrZAP protocol, which uses multiple roots of trust to eliminate single points of compromise.
Who designed and built your protocol?
We did. Our team includes multiple PhD cryptographers who have collectively authored over 30 peer-reviewed papers in security and cryptography. You can learn more about our protocol by reading our whitepaper or visiting our open-source repositories!