All reports
05/2025 - 05/2025
Advanced Security Test Report: Cisco Universal ZTNA – IAM (Protection)
Managing identity and access in the real world
Cisco Universal ZTNA test results by SE Labs.
SE LABS tested Cisco Universal Zero Trust Network Access (ZTNA) against a range of attacks designed to bypass traditional security controls.
These attacks were realistic, using the same tactics and techniques as those used against victims in recent months.
Testers attacked target systems protected by Cisco Universal ZTNA. These same testers acted in the same way as we observe advanced attack groups to behave.
Attacks initiated from the start of the attack chain, using stolen credentials, multi-factor flooding techniques and hijacked sessions.
Each attack was run from the very start to its obvious conclusion, which means attempting to steal, encrypt and destroy sensitive data on the target systems.
This report is the first independent assessment of a service that aims to make it more secure to connect to cloud services.
If you’re interested in IAM, SASE and ZTNA then this is the report for you. We’ll explain what all those terms mean here.
The general term for ensuring that only the right people (or computers) can gain access is called Identity and Access Management (IAM). This is an IAM security report, but you could just as well call it an Identity Threat Detection and Response test.
SASE: Beyond the VPN
Many organisations use services in the cloud, needing high-performance, well-controlled authentication. Data needs to be accessible, at high speeds, but using strong security.
And businesses need to manage this security simply.
Secure access used to be handled primarily by Virtual Private Networks (VPNs). Demand for faster, more flexible approaches means that we’re more likely to connect to a well-distributed cloud service.
This is what SASE means – Secure Access Service Edge. It offers Secure Access, providing this Service at a location close to the user, at the ‘Edge’ of the internet. SASE includes a number of services. The one we’re interested in here is authentication.
Zero Trust
A Zero Trust Network Access (ZTNA) approach to authentication means, simply, that a system should never trust another system. It requires verification every time access is needed. This approach often includes the use of multi-factor authentication (MFA). However, it can become much more advanced and look at context. Such context coudl be “why is Simon logging in from London and Indonesia at the same time?”
Does Cisco Universal ZTNA Work?
Cisco’s Universal Zero Trust Network Access (UZTNA) is a solution combining multiple products to provide zero trust authentication. In this test we tested like hackers, attempting to break in using different techniques from different part of the world. We are proud to present the results in this report.
