|
|
|
|
|
|
by sshahone
2063 days ago
|
|
|
Heh. Though I am not an expert on the topic, I can recommend a few things. First, there are three directions the industry is heading with "zero trust" thing. (1) Zero trust access (like BeyondCorp, protects application and services when a user, user credentials, user devices are compromised) (2) Network micro-segmentation (contain impact when one network segment is compromised, dynamic network assignment) (3) Zero trust browsing (protection for users from getting infected with malicious contents served by trusted but compromised websites) Honestly, I am only more familiar with zero trust access, and for this, I can recommend you first read -> BeyondCorp A New Approach to Enterprise Security [0] by Google. The trend was kickstarted from that paper 0: https://research.google/pubs/pub43231/ |
|
|