--- title: "App and Infrastructure Cloaking" slug: "app-and-infrastructure-cloaking" updated: 2026-01-16T15:53:40Z published: 2026-01-16T15:53:40Z --- > ## Documentation Index > Fetch the complete documentation index at: https://trusted.jamf.com/llms.txt > Use this file to discover all available pages before exploring further. # App and Infrastructure Cloaking While on-premise apps have traditionally been invisible to outside attackers thanks to perimeter-based firewalls, the adoption of Software as a Service (e.g. Microsoft 365, Salesforce), Infrastructure as a Service (e.g. AWS, GCP), and and other cloud-based technologies are not inherently locked down like this. In many cases, these applications can be reached from anywhere, with data access gated only by some form of authentication. Multi-factor authentication (MFA) has massively reduced credential-based attacks in which an attacker manages to log in, as if they were a legitimate user. However, [MFA does not help to protect against more targeted credential theft attacks](https://www.darkreading.com/cyberattacks-data-breaches/hacker-pwns-uber-via-compromised-slack-account). This leaves the accessibility of data and resources stored in the (private) cloud completely up to the efficacy of user authentication mechanisms, regardless of underlying device or network. ## Cloaking Resources from the Open Internet The best way to prevent an attack on these data resources is to **eliminate their discoverability and accessibility from the open Internet** as much as possible. This means that an attacker – fully equipped with valid employee MFA credentials and even knowledge of the system(s) they want to exploit – will simply not be able to access those systems from their unsanctioned device. For SaaS applications, an attacker **won't be able to login** to the application they are trying to reach. For IaaS and private cloud, an attacker **won't even get to the login screen** or even get a single packet to reach the target service for that matter, let alone get a response back. This is accomplished by [Enabling Access for Trusted Devices](/v1/docs/enabling-access-for-trusted-devices), followed by [Restricting Access for Anonymous Devices](/v1/docs/access-restriction-strategies). The net effect is simple: only sanctioned devices are able to "see" sensitive applications – for everyone else, the app is completely invisible. ## Cloaking Benefits - Prevents attackers from discovering apps or infrastruture that could prompt futher attack escalation and exploit attempts. - Prevents attackers that have successfully executed a credential-theft attack from being able to access apps and data as the compromised user. - Enables comprehensive visibility, reporting, and exporting (for example, via SIEM) of cloud application access activity for any SaaS or IaaS app. - Mitigates DDoS attacks that could impact app availability.