Download Publication
Who it's for:
- Zero Trust Architects and Implementation Teams
- CISOs and other CxOs
- Information Security Managers and Analysts
- Privacy and Compliance Officers
- IT Auditors and Assessors
- Software Developers
- Network Security Engineers
Defining the Zero Trust Protect Surface
Release Date: 03/05/2024
Working Group: Zero Trust
- The definition of Zero Trust and the Zero Trust protect surface
- How to initiate the Zero Trust implementation process by defining, analyzing, and prioritizing the organization’s protect surfaces
- How to identify the DAAS elements to be protected
- The risks and potential impacts of protect surface compromises
- The difference between the attack surface and the protect surface
Download this Resource
Acknowledgements
Erik Johnson
Cloud Security Specialist & Senior Research Analyst, CSA
Worked for the Federal Reserve for many years and volunteered with the CSA with a focus on CCM/CAIQ V4, specifically the STA domain, and developing a comprehensive framework and guidance for defining and managing the cloud shared security responsibility model (SSRM).
I recently retired from the Federal Reserve and am now consulting with the CSA as a Senior Research Analyst with a focus on Zero Trust and Financial Services.
Linke...
Shamik Kacker
Shruti Kulkarni
I am a security professional with experience across various domains of security. I work in defining organisation’s security strategy, security architecture and security practices. Translating business objectives and risk management strategies into specific security processes enabled by security technologies and services. I work on gap analysis, design, implementation and...
Krishna Narayanaswamy
Michael Roza
Risk, Audit, Control and Compliance Professional
Since 2012 Michael has contributed to over 100 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud K...
Interested in helping develop research with CSA?
Related Certificates & Training
For those who want to learn from the industry's first benchmark for measuring Zero Trust skill sets, the CCZT includes foundational Zero Trust components released by CISA and NIST, innovative work in the Software-Defined Perimeter by CSA Research, and guidance from renowned Zero Trust experts such as John Kindervag, Founder of the Zero Trust philosophy.
Learn more