Evan Gilman and Doug Barth, authors of Zero-Trust Networks: Building Secure Systems in Untrusted Networks, discuss zero-trust networks. The discussion covers: the perimeter network architecture; the threat model in modern networks; the meaning of “trust in the network”; why we should not trust our networks (it’s probably already owned); the concept of zero trust in the network; design of the zero-trust network; the control plane and the data plane; trust scoring – behavioral, policy-driven, and uses of ML/AI; encryption; running your own internal CA; trusting apps; the secure build pipeline; DevOps and the zero-trust model; tools and frameworks; where are we in the adoption curve?
Show Notes
Related Links
- Book: Zero-Trust Networks by Evan Gilman and Doug Barth
- Shifting Zero-Trust Left by Gadi Naor
- Google’s BeyondCorp reference architecture
- BeyondCorp: How Google Ditched VPNs for Remote Employee Access by Joab Jackson
- BeyondCorp slide deck from O’Reilly Security Conference
- SE Radio 378: Joshua Davies on Attacking and Securing PKI
- SE Radio 288: Francois Reynaud on DevSecOps
- Spiffe
- Spire
- https://twitter.com/evan2645
- https://twitter.com/dougbarth
SE Radio theme: “Broken Reality” by Kevin MacLeod (incompetech.com — Licensed under Creative Commons: By Attribution 3.0)