Software Defined Perimeter (SDP), also called a "Black Cloud", is an approach to computer security which evolved from the work done at the US Defense Information Systems Agency (DISA) under the Global Information Grid (GIG) Black Core Network initiative around 2007.
Connectivity in a Software Defined Perimeter is based on a need-to-know model, in which device posture and identity are verified before access to application infrastructure is granted. Application infrastructure is effectively “black” (a DoD term meaning the infrastructure cannot be detected), without visible DNS information or IP addresses. The inventors of these systems claim that a Software Defined Perimeter mitigates the most common network-based attacks, including: server scanning, denial of service, SQL injection, operating system and application vulnerability exploits, man-in-the-middle, cross-site scripting (XSS), cross-site request forgery (CSRF), pass-the-hash, pass-the-ticket, and other attacks by unauthorized users.
Source: Wikipedia, May 2017
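The need-to-know check described above, sketched as an added example (not taken from the quoted source or from any SDP product): a controller decision function that discloses a service address only after identity, device posture and entitlement all pass. The service names, users, posture attributes and addresses are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed sample data: service names, addresses (RFC 5737 documentation
# range), users and posture attributes are all hypothetical.
SERVICES = {"payroll": "192.0.2.10:8443", "wiki": "192.0.2.20:443"}
ENTITLEMENTS = {"alice": {"payroll", "wiki"}, "bob": {"wiki"}}
REQUIRED_POSTURE = {"disk_encrypted": True, "os_patched": True}


@dataclass(frozen=True)
class Device:
    device_id: str
    enrolled: bool
    posture: dict


def posture_ok(device: Device) -> bool:
    """Device must be enrolled and meet every required posture attribute."""
    return device.enrolled and all(
        device.posture.get(k) == v for k, v in REQUIRED_POSTURE.items()
    )


def authorize(user: str, authenticated: bool, device: Device, service: str):
    """Return the service endpoint only when identity, posture and
    entitlement all pass; otherwise return None.

    Every failure yields the same None, so a caller cannot tell a
    nonexistent service from one it is not entitled to (need-to-know).
    """
    if not authenticated:
        return None
    if not posture_ok(device):
        return None
    if service not in ENTITLEMENTS.get(user, set()):
        return None
    return SERVICES.get(service)


def visible_services(user: str, authenticated: bool, device: Device) -> dict:
    """The only part of the infrastructure this user and device can see."""
    return {
        name: addr
        for name in sorted(SERVICES)
        if (addr := authorize(user, authenticated, device, name)) is not None
    }
```

In a deployment the same default-deny decision would also gate name resolution and packet filtering, so that services outside `visible_services` stay undetectable rather than merely refused.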