<h1 id="zero-trust-session">Zero Trust Session<a aria-hidden="true" class="anchor-heading icon-link" href="#zero-trust-session"></a></h1>
<ul>
<li><a href="/wiki/notes/52ldf4z80p3bq17ropr5vex">hadPresenter</a> <a href="/wiki/notes/blz7k0deczlwxi3hubkwkb6">@den-jones</a>
<ul>
<li>has deployed <a href="/wiki/notes/3uqoieue7hkxoc6qhcv9810">Zero Trust Network Access</a> with three different technologies</li>
</ul>
</li>
<li>authentication only focused on the user and ignores the device</li>
<li>mistakenly consider the corporate network "safe"</li>
<li>network perimeter no longer a security boundary</li>
<li>"we don't want to back-haul all the traffic to inspect all the packets"</li>
<li>make the user experience better
<ul>
<li>"never enter a password again"
<ul>
<li>use a certificate tied to device and user</li>
</ul>
</li>
<li>self-remediation</li>
<li>no more VPN... "internet facing application, but accessed via reverse-proxy"</li>
</ul>
</li>
<li>ZTNA</li>
<li>if you're not using it, remove access</li>
<li>"access proxy is still a VPN, kinda, but the user never logs in"</li>
<li>policy engine:
<ul>
<li>if you have a cert, edr, and patches, we let you in</li>
</ul>
</li>
<li>adobe had 5 data classifications; "smoking crack"</li>
<li>fewer tools</li>
<li>suites don't integrate</li>
<li>IDP was big; </li>
<li>"get your cmdb right" is bullshit, could take 20 years</li>
<li>Get started
<ul>
<li>sell vision, people, process and technology</li>
<li>begin with cross-functional core team</li>
<li>find a concrete use case</li>
<li>start by integration with your existing auth platform</li>
</ul>
</li>
<li>"executive support is essential"</li>
<li>introduce zero-trust principles, but avoid the term zero trust</li>
<li>active communication (use a countdown)</li>
<li></li>
</ul>
<hr>
<strong>Backlinks</strong>
<ul>
<li><a href="/wiki/notes/leiouwjn4tf8akfdfvf1ip2">Cybersecurity Summit Los Angeles 2022</a></li>
</ul>

Zero Trust Session

public-notes


Welcome! And beware!  

## Purpose

This vault is the "[[learning-in-public|ar.swyx.learn-in-public]]" part of my Second Brain. If you share some of my interests, please [reach out](https://djradon.github.io)! 

## Contents

- [[t]] my personal wikipedia
- [[idea]] (not necessarily mine)
- Resource Notes, including highlights, thoughts and metadata, for various things:
  - [[ar]] mostly articles, papers and web pages
  - [[book]]
  - [[community]]
  - [[course]]
  - [[event]]
  - [[game]]
  - [[loc]]
  - [[org]]
  - [[user]] 
  - [[prdct]] mostly software products, but also ontologies
  - [[recipe]]
  - [[video]] movies, tv episodes, youtube, etc
- [[vs]]
- [[wanted]]
- Some "Metadata Notes":
  - [[tags]] which may refer to any and multiple (or none) of the above
  - [[c]]: ways to categorize resources
  - [[p]]: ways to assert things about resources (mostly abandoned)

In terms of the [[t.km.zettelkasten]] method, this wiki is a commingling of literature notes with something @Sönke-Ahrens warned about: a "personal Wikipedia or a database" [^1]. 

In terms of [[t.tm.getting-things-done]], it's references, someday-maybe, next actions, and public projects.

## Beware!

This is a cluttered cupboard of jumbled jottings riddled with inaccuracies, confusion, and mistakes.

## What This Is Not

- evergreen-notes/digital-garden: for "synthesized" / original-ish publishable big-idea notes that should evolve over time, props to @andy-matuschak and @maggie-appleton
- blog: for "point-in-time" items to be shared: personal news, articles, etc.
  - e.g., [[ar.substack.carpe-noctem]]


[^1]: [[book.how-to-take-smart-notes]]  