Verify — Zero-Trust Remote Access
SMS-verified, time-limited access — no standing RDP or SSH exposure
What it does
Verify replaces static always-open VPNs and exposed RDP ports with a zero-trust access model. Users authenticate via SMS before a dynamic, time-limited firewall rule opens RDP or SSH access — for them, from their IP, for the session duration only. When the session ends, the rule closes. There is no standing access. There is no exposed port waiting for a scanner to find.
RDP is the number one initial access vector for ransomware: The solution isn't disabling remote access — your team needs it. The solution is eliminating standing access. Verify means there is no exposed RDP port to scan, no credential to brute-force. You can't attack a door that doesn't exist until it's needed.
Capabilities
- SMS-based second factor before any remote access is permitted
- Dynamic firewall rules: source IP + destination port + time window — automatically provisioned
- Session duration enforcement: access expires and the rule closes, even if the user forgets to disconnect
- Full audit log: who accessed what, from where, for how long — every session recorded
- RDP and SSH support — covers the two protocols responsible for the majority of remote access breaches
- Integration with AlertMonitor alert stream: failed verifications generate analyst alerts
- Works alongside existing MFA — Verify is the access gating layer, not a replacement for your IDP
How it works
Verify uses Twilio SMS delivery for authentication codes. On successful verification, AlertMonitor's firewall rule management API provisions a time-scoped rule on the target firewall (Cisco ASA, Fortinet, pfSense supported). Rule expiry is enforced by a scheduler independent of session state — even if the endpoint crashes, the rule closes on schedule. All authentication attempts, rule provisioning events, and session records are written to an immutable audit log.