SpiderOak releases open-source project to advance cyber protections for commercial and defense
SpiderOak today announced the release of their core technology platform as an open-source offering. The project is called "Aranya" and offers the same protections as the company's OrbitSecure platform, currently deployed within the Department of Defense. Now technology manufacturers will be able to embed and extend these same zero-trust protections natively into their own systems, while offering contributions to advance cyber protections and accelerate secure by design adoption recently advocated by the European Union and the Cybersecurity and Infrastructure Security Agency.
The Aranya project represents an inflection point for how cyber protections can be applied against ever-increasing and sophisticated AI-assisted attacks using malware, ransomware, command injection, and spoofing techniques. By transitioning protections typically enforced by vulnerable centralized security solutions and network controls to the technology manufacturers' applications and devices themselves, end-user organizations will see significant reductions in cost, complexity, and their overall attack surface. With this secure by design approach, technology providers from any industry can use Aranya to embed protections to ensure every message is authentic, authorized, and protected between applications, machines, and devices.
"Cybersecurity is the single greatest challenge for distributed systems with very complex architectures, especially in defense," said Charles Beames, Executive Chairman of SpiderOak. "From communication networks to weapons platforms, our national security depends on systems that can resist sophisticated cyberattacks. By open-sourcing the core technology, we're providing both the defense and commercial industries with a critical tool to cyber-harden their most important systems and protect the critical operations these systems support."
By leveraging the Aranya toolkit, developers can embed secure-by-design concepts into their products, enabling high-assurance message delivery, secure data exchange, and access control between applications, machines, and sensors without requiring additional security tools. The lightweight size of Aranya makes it ideal for supporting any deployment model, including low-size, weight, and power (SWaP) devices operating in decentralized, serverless architectures, ideal for the most challenging and constrained environments.
"The Aranya project addresses the need for technology providers to aid industry in mitigating the cybersecurity risk of deploying their products driving critical operations," added Dave Pearah, CEO of SpiderOak. "This next-generation capability ensures every interaction is authentic and authorized, providing a level of cyber protections that, until now, were unattainable by traditional approaches. This breakthrough allows developers to save time, effort, and money while providing powerful tools to apply security controls consistently across systems to deliver higher levels of protection and operational assurances."
SpiderOak's Aranya project is available on GitHub, complete with the resources users need to get started.