Page 149 - Cyber Defense eMagazine August 2024
provides only explicit access to selected applications or services. In ZTNA, a user's remote access request for an application is authenticated via Identity Provider/Trust Brokers and assessed for risk based on various contextual parameters, resulting in approval or denial.
Zero Trust Edge (ZTE): ZTE is a refinement of Secure Access Service Edge (SASE). The latter, introduced by Gartner, combines network and security functions in a cloud-based model. SASE and ZTE share common principles and goals, such as the consolidation of network functionality and cloud-delivered security. However, they differ in their emphasis and approach. ZTE considers every network transaction risky regardless of its nature or origin; emphasizing zero trust, it combines security solutions such as ZTNA, Secure Web Gateway, CASB, IDS/IPS, and Sandbox to provide more secure access to applications and data.
2. How Zero Trust Works
Zero Trust Security works by following the security principles enumerated below:
• Continuous Monitoring and Validation: Monitor access to resources at all times, re-verifying access continually and as the risk level changes.
• Identity Verification: Stringent verification of user identity against an authoritative user repository or identity provider.
• Strong Authentication: Dynamic authentication values in addition to passwords to grant authorized access to users.
• Access Control: Verify that the entity is authorized to access the requested resource, as well as ensuring the entity is not compromised.
• Least Privilege: Users have restricted access, limited to what they need to perform their roles and responsibilities.
• Limit Attack Surface: Grant no implicit access to the entire network; users, applications, and systems get access only to specific applications/systems. Micro-segmentation is a good example of this principle.
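The principles above can be read as one default-deny decision that is re-run whenever a signal changes. The sketch below is an added example, not code from the magazine or any product; the role map, risk threshold, field names and sample values are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Hypothetical least-privilege map: role -> the only applications it may reach.
ROLE_APPS = {"finance": {"ledger"}, "engineer": {"git", "ci"}}
RISK_LIMIT = 50  # assumed threshold; above it access is denied or revoked


@dataclass
class Request:
    user: str
    role: str
    app: str
    idp_verified: bool      # identity confirmed by the identity provider
    mfa_passed: bool        # dynamic factor in addition to the password
    device_compliant: bool  # entity shows no sign of compromise
    risk_score: int         # 0-100, derived from contextual signals


def decide(req):
    """Default deny: every check must pass. Returns (allowed, reason)."""
    if not req.idp_verified:
        return False, "identity not verified"
    if not req.mfa_passed:
        return False, "strong authentication missing"
    if not req.device_compliant:
        return False, "device posture failed"
    if req.app not in ROLE_APPS.get(req.role, set()):
        return False, "app outside role (least privilege)"
    if req.risk_score > RISK_LIMIT:
        return False, "risk too high"
    return True, "allowed"


class Session:
    """Continuous validation: the grant is re-decided on every signal change."""

    def __init__(self, req):
        self.req = req
        self.active, self.reason = decide(req)

    def update(self, **signals):
        for name, value in signals.items():
            setattr(self.req, name, value)
        self.active, self.reason = decide(self.req)
        return self.active


if __name__ == "__main__":
    s = Session(Request("bob", "engineer", "ci", True, True, True, 20))
    print(s.active, s.reason)
    s.update(risk_score=80)  # constructed risk spike mid-session
    print(s.active, s.reason)
```

Note that access is granted per application, never per network, and that an established session loses access as soon as any single signal degrades.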
3. Why organizations should embrace zero trust
With an evolving threat landscape, IT environments going borderless, and users connecting to the corporate environment from anywhere, zero trust has become a security imperative. Zero Trust may not be a silver bullet that eliminates all cyber threats from an enterprise environment. However, it substantially reduces the risks and curbs the impact of cyber-attacks. Zero trust principles are relevant for all organizations with a digital footprint regardless of their size, although the type and scale of zero trust implementation may vary with organization sector and size respectively. Below are some compelling reasons why organizations are increasingly adopting Zero Trust:
Enhanced Security Posture: Risk levels are significantly reduced through verification of all access requests, continuous monitoring, attack surface limitation, and minimizing the damage.
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.