Zero Trust Resource Hub

With the help of cybersecurity organizations and industry experts, CSA aims to provide an online center showcasing the most important, curated Zero Trust publications in the industry. The Zero Trust Advancement Center's Resource Hub displays new and up-to-date Zero Trust content.

Architecture

NIST | Zero Trust Architecture (SP 800-207)

CSA | SDP Architecture Guide V2

CSA | Software-Defined Perimeter (SDP) Specification v2.0

US DoD CIO | DoD Zero Trust Reference Architecture

CSA-DC Chapter | Toward a Zero Trust Architecture

UK NCSC | Zero Trust Architecture Design Principles

The Open Group | Zero Trust Commandments

NIST | SP 800-207A - A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Cloud Environments

Guidance

CSA | Zero Trust Guiding Principles 7/18

CSA | Zero Trust Principles and Guidance for Identity and Access Management (IAM) 7/13

CSA | Communicating the Business Value of Zero Trust

NSA | Advancing Zero Trust Maturity Throughout the Device Pillar

US GSA | Zero Trust Architecture (ZTA) Buyer’s Guide

US DoD CIO | DoD Zero Trust Strategy

US DHS/CISA | Applying Zero Trust Principles to Enterprise Mobility

CSA-DC Chapter | Earning Trust in the 21st Century

CSA | Software-Defined Perimeter (SDP) and Zero Trust

ON2IT | Zero Trust Dictionary (ON2IT)

NIST | SP 800-215: Guide to a Secure Enterprise Network Landscape

NSA | Advancing Zero Trust Maturity Throughout the User Pillar (4/23 Update)

NSA | Embracing a Zero Trust Security Model

The Open Group | Zero Trust Core Principles

US DHS/CISA | CISA Zero Trust Maturity Model V2

Blogs

CSA | Understanding the Two Maturity Models of Zero Trust

CSA | CISA’s Zero Trust Maturity Model: An Important Step Forward in Implementing Zero Trust Security Principles

Books

George Finney | Project Zero Trust: A Story about a Strategy for Aligning Security and the Business

Jason Garbis & Jerry Chapman | Zero Trust Security: An Enterprise Guide

Jason Garbis | Getting Started with Zero Trust

Policy

US OMB | US Federal Zero Trust Strategy (M-22-09)

US President | Executive Order on Improving the Nation’s Cybersecurity (Executive Order 14028)

Recordings

CSA | Advancing Zero Trust Principles

ON2IT | FutureCon Keynote Address - John Kindervag

CSA | Demystifying Zero Trust for the C-Level (and the rest of us)

CSA | Zero In: Executive Considerations in a Zero Trust World

CSA | CSA Zero Trust Summit 2022 Session Recordings

Zscaler | Customer Zero Trust Implementation Journey Presentation

DAU | DoD Zero Trust Symposium & DAU Cybersecurity Event Recordings

CSA | Business Value of Zero Trust and How to Influence for Buy-In

UBS | The CSA UK Identity Series - 6 Short Videos

Reports

US DHS/CISA NSTAC | Report to the President on Zero Trust and Trusted Identity Management

CSA | CISO Perspectives and Progress in Deploying Zero Trust

CISA/National Security Telecommunications Advisory Committee (NSTAC) | NSTAC Report to the President: Information Technology and Operational Technology Convergence 8/23/2022

The Open Group | Jericho Forum Visioning White Paper

CSA | Zero Trust as a Security Philosophy

Single Solution Provider Resources

Guidance

Zscaler | Cybersecurity: Seven Steps for Boards of Directors

Google | Applying Zero Trust on Google Cloud

Microsoft | Implementing a Zero Trust Security Model at Microsoft

Crowdstrike | Streamline Your Zero Trust Journey

Zscaler | Seven Questions Every CXO Must Ask About Zero Trust

Books

Microsoft | The Innovator’s Guide to Zero Trust Security

Zscaler | The 7 pitfalls to avoid when selecting an SSE solution

Zscaler | Seven Elements of Highly Successful Zero Trust Architecture | An Architect’s Guide to the Zscaler Zero Trust Exchange

Architecture

Zscaler | Zscaler Zero Trust Certified Architect (ZTCA)

Reports

Okta | The State of Zero Trust Security 2022

Acuity | Advance Your Zero Trust Journey with CISA’s Maturity Model v2.0