Table of Contents
About the Author xi
Acknowledgments xiii
Foreword xv
Introduction xxi
Chapter 1 The Case for Zero Trust 1
Key Takeaways 10
Chapter 2 Zero Trust Is a Strategy 13
Key Takeaways 26
The Four Zero Trust Design Principles 27
The Five-Step Zero Trust Design Methodology 27
The Zero Trust Implementation Curve 27
Chapter 3 Trust Is a Vulnerability 29
Key Takeaways 39
Chapter 4 The Crown Jewels 43
Key Takeaways 54
Chapter 5 The Identity Cornerstone 57
Key Takeaway? 71
Chapter 6 Zero Trust DevOps 73
Key Takeaways 83
Chapter 7 Zero Trust SOC 87
Key Takeaways 100
Chapter 8 Cloudy with a Chance of Trust 103
Key Takeaways 113
Chapter 9 A Sustainable Culture 117
Key Takeaways 129
Chapter 10 The Tabletop Exercise 133
Key Takeaways 147
Chapter 11 Every Step Matters 151
Key Takeaways 159
Appendix A Zero Trust Design Principles and Methodology 165
The Four Zero Trust Design Principles 165
The Five-Step Zero Trust Design Methodology 166
Appendix B Zero Trust Maturity Model 167
Appendix C Sample Zero Trust Master Scenario Events List 171
Appendix D For Further Reading 179
Standards, Frameworks, and Other Resources 179
Case Studies 180
Google BeyondCorp Papers 180
Books 181
Hardening Guides 181
Glossary 183
Index 191