Zero trust provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised.
Zero trust architecture (ZTA) is an enterprise’s cybersecurity plan that uses zero trust concepts and encompasses component relationships, workflow planning, and access policies. Therefore, a zero trust enterprise is the network infrastructure (physical and virtual) and operational policies that are in place for an enterprise as a product of a ZTA plan.
800-207 DoD Zero Trust Architecture
Cisco Zero Trust Mapping
ZScaler Zero Trust Mapping
Sailpoint Zero Trust Mapping
CISA Zero Trust Maturity Model
Akamai Guardicore Platform
Trellix pages 21 to 33
Implementing a Zero Trust Architecture
The strategic conclusion of this report is that achieving a mature Zero Trust Architecture is not a matter of purchasing a single product. It is an exercise in architecting an integrated ecosystem. The most effective strategies will likely involve a core platform (such as Microsoft or Cisco) acting as the central Policy Engine and Administrator, enriched by telemetry and context from best-of-breed specialists (like Varonis or the Ohalo & Collibra entity for data, SailPoint for identity, and Trellix for threat analytics) and enforced by dedicated Policy Enforcement Points (like Zscaler or Akamai). The ultimate vendor selection must be aligned with an organization's existing technology stack, risk profile, and strategic security objectives.
A page from the book "PROJECT ZERO TRUST". After listening to the demos, it makes a lot more sense.
Project Zero Trust: A Story About a Strategy for Aligning Security and the Business