Zero-Trust
TODO
Identity Security (RBAC/ABAC)
Endpoint Security
Application Security
Data Security
Visibility and Analytics
Automation
Infrastructure Security
Network Security
NIST Zero Trust Architecture
NIST Zero Trust Architecture
Verify Identity
Verify Identity
Strong Passwords
Biometrics
Multifactor authentication (MFA)
Verify Access
Verify Access
Least-privileged access paradigm
Network segmentations build on roles and responsibilities
Verify Device
Verify Device
Device Health
Managed profiles
Users do not have admin on devices
Verify Service
Verify Service
Users have only trhe services needs for the job/role
Bibliography
Bibliography
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdfhttps://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf (Risk Management Framework for Information Systems and Organizations)https://www.nist.gov/privacy-framework/nist-sp-800-37https://www.nist.gov/cyberframeworkhttps://csrc.nist.gov/publications/detail/sp/800-207/finalhttps://www.nccoe.nist.gov/projects/building-blocks/zero-trust-architecturehttps://www.gsa.gov/cdnstatic/Zero%20Trust%20Architecture%20Buyers%20Guide%20v11%2020210610%20(2).pdfhttps://dodcio.defense.gov/Portals/0/Documents/Library/(U)ZT_RA_v1.1(U)_Mar21.pdf
https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf
https://www.scmagazine.com/perspective/zero-trust/identity-based-zero-trust-has-become-more-than-a-buzzword
https://www.delltechnologies.com/asset/en-us/solutions/infrastructure-solutions/briefs-summaries/dell-oracle-10-best-practices-ebook.pdf
https://www.cisa.gov/sites/default/files/2023-01/Zero_Trust_Principles_Enterprise_Mobility_For_Public_Comment_508C.pdfhttps://www.cisa.gov/publication/zero-trust-maturity-modelhttps://www.cisa.gov/publication/cloud-security-technical-reference-architecturehttps://www.strongdm.com/blog/cisa-zero-trust-maturity-modelhttps://www.strongdm.com/blog/dod-zero-trust-strategyhttps://www.strongdm.com/zero-trust
https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf
https://www.scmagazine.com/perspective/zero-trust/identity-based-zero-trust-has-become-more-than-a-buzzword
https://www.delltechnologies.com/asset/en-us/solutions/infrastructure-solutions/briefs-summaries/dell-oracle-10-best-practices-ebook.pdf
https://www.cisa.gov/sites/default/files/2023-01/Zero_Trust_Principles_Enterprise_Mobility_For_Public_Comment_508C.pdfhttps://www.cisa.gov/publication/zero-trust-maturity-modelhttps://www.cisa.gov/publication/cloud-security-technical-reference-architecturehttps://www.strongdm.com/blog/cisa-zero-trust-maturity-modelhttps://www.strongdm.com/blog/dod-zero-trust-strategyhttps://www.strongdm.com/zero-trust