Zero Trust er en sikkerhedsmodel baseret på princippet aldrig stole, altid verificer — i stedet for at have tillid til noget baseret på netværkslokation (indeni vs uden for), bliver hver adgangsanmodning godkendt, autoriseret og verificeret. Det adresserer svaghederne ved traditionel perimeterbaseret sikkerhed.
Problemet med perimeterbaseret sikkerhed
TRADITIONAL ("castle and moat") security:
→ a strong PERIMETER (firewall); trust everything INSIDE the network
✗ once an attacker gets IN (breach, insider, compromised device), they move FREELY
(lateral movement) — the inside is implicitly trusted
✗ doesn't fit modern reality: cloud, remote work, mobile, distributed services (no clear
perimeter)
