What is zero trust

Zero Trust Network Access (ZTNA), sometimes referred to as a “software-defined perimeter,” is the most common implementation of the Zero Trust model. Based on micro-segmentation and network isolation, ZTNA replaces the need for a VPN and grants access to the network after verification and authentication.

historically, enterprises have relied on a castle-and-moat cybersecurity model, in which anyone outside the corporate network perimeter is suspect and anyone inside gets the benefit of the doubt. The assumption that internal users are inherently trustworthy, known as implicit trust, has resulted in many costly data breaches, with attackers able to move laterally throughout the network if they make it past the perimeter.

Instead of focusing on user and device locations relative to the perimeter -- i.e., inside or outside the private network -- the zero-trust model grants users access to information based on their identities and roles, regardless of whether they are at the office, at home or elsewhere.

Previous(EPSS) Exploit Prediction Scoring System NextRisk Management basic steps

Last updated 4 months ago