Zero Trust

Definition

A security model that requires verification for every access request, regardless of location, ensuring robust protection against threats.

Use Cases

Provider Equivalents

Frequently Asked Questions

What's the difference between Zero Trust and VPN?
A VPN extends your network to the user, often giving broad access once connected. Zero Trust does not assume the network is safe; it verifies each request to each app or resource using identity, device posture, and policy, typically granting only the minimum access needed.
When should I use Zero Trust?
Use Zero Trust when you have remote or hybrid workers, multiple cloud environments, sensitive data, third-party access needs, or you want to reduce the risk of lateral movement after an account is compromised. It’s especially useful when you want per-application access instead of full network access.
How much does Zero Trust cost?
Costs depend on scope and tooling: identity provider licensing (SSO/MFA), device management/EDR, access proxies or ZTNA services, logging/SIEM, and implementation effort. Pricing is often per user/month for identity and ZTNA, plus usage-based costs for logging and network egress. The biggest cost drivers are the number of users/apps, required security signals (device posture, risk scoring), and integration/operations work.

Category: emerging

Difficulty: advanced

Related Terms

See Also