Putting the Zero Back Into Zero-Trust – Sharon Goldberg – ESW #263
We'll cover the cutting-edge recommendations in the US federal governments January 2022 memo on their "transition to zero trust". Then we'll talk about what the standard definition of "zero-trust" means in our industry, and why it doesn't mean "trust zero things". Finally, we'll chat about architectures that can get us closer to actually trusting zero things.
Segment Resources: Analysis of the federal government's zero trust memo: https://www.bastionzero.com/blog/i-read-the-federal-governments-zero-trust-memo-so-you-dont-have-to
https://www.bastionzero.com/blog/bashing-vpns-for-fun-and-profit
Zero trust security models https://docs.bastionzero.com/product-docs/home/security-model
Announcements
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Guest
Dr. Sharon Goldberg is the CEO and cofounder of BastionZero, an infrastructure cybersecurity startup, and a tenured computer science professor at Boston University. She has taught courses in cybersecurity for over a decade and has published over 30 peer-reviewed research papers on infrastructure security and cryptography. She is a contributor to security of BGP, NTP, DNS, Bitcoin, Ethereum and IETF cryptography standards, and is an author of the 2015 attacks on NTP. Lately, she spends most of her time thinking about zero trust, bastion hosts and why perimeter VPNs are just not a good idea.
Hosts
