Zero trust vs. software-defined perimeter
Zero trust is the latest and greatest security defense. You don’t have to purchase a new product to reap the benefits. Zero trust originated from highly classified networks in the Federal Government. Software-defined perimeter and zero trust are the same thing. In a software-defined perimeter, every asset sits behind a remote access gateway. To gain access to the asset, a user, service, or other device has to authenticate with their assigned X.509 certificate and is only granted with the specific authorization required (principle of least privilege). The Cloud Security Alliance has done an amazing job at demystifying zero trust, also known as SDP. Following their lead, I will explain what zero trust is and how to implement it in your company. You probably already have some zero trust features and functionalities implemented in your company and may not realize they are considered to be zero trust. In a nutshell, zero trust is mutual authentication...
