Table of Contents
About the Author xi
Acknowledgments xiii
Foreword xv
Introduction xxi
Chapter 1: The Case for Zero Trust 1
Key Takeaways 10
Chapter 2: Zero Trust Is a Strategy 13
Key Takeaways 26
The Four Zero Trust Design Principles 27
The Five-Step
Zero Trust Design Methodology 27
The Zero Trust Implementation Curve 27
Chapter 3: Trust Is a Vulnerability 29
Key Takeaways 39
Chapter 4: The Crown Jewels 43
Key Takeaways 54
Chapter 5: The Identity Cornerstone 57
Key Takeaways 71
Chapter 6: Zero Trust DevOps 73
Key Takeaways 83
Chapter 7: Zero Trust SOC 87
Key Takeaways 100
Chapter 8: Cloudy with a Chance of Trust 103
Key Takeaways 113
Chapter 9: A Sustainable Culture 117
Key Takeaways 129
Chapter 10: The Tabletop Exercise 133
Key Takeaways 147
Chapter 11: Every Step Matters 151
Key Takeaways 159
Appendix A: Zero Trust Design Principles and Methodology 165
The Four Zero Trust Design Principles 165
The Five-Step Zero Trust Design Methodology 166
Appendix B: Zero Trust Maturity Model 167
Appendix C: Sample Zero Trust Master Scenario Events List 171
Appendix D: For Further Reading 179
Standards, Frameworks, and Other Resources 179
Case Studies 180
Google BeyondCorp Papers 180
Books 181
Hardening Guides 181
Glossary 183
Index 191