by PLG88
1513 days ago
Zero trust is a woolly term which means different things to different people; it's more of a strategy and principles than a technology. Ultimately you will have to trust something and we want to make that as small a trust relationship as possible. For me, the best way is to use open source and only have trust of central key infra (the control plane/PKI) while ensuring all connections and anything that wants to attach goes through its own process of bootstrapping trust. No connections should be made to the controller or on the data plane unless endpoints have bootstrapped trust. I work for a company that has created exactly this and we open sourced the core tech. It allows anyone to put programmable, private (outbound only) connectivity based on zt principles into any app (sdk), host (tunneler) or network (edge router). It can support any use case across access, multi-cloud, IoT, and more. Check it out - https://openziti.github.io/