Zero Trust is a security model that treats every access request as untrusted by default, even if it comes from inside the network. It addresses the problem that modern environments (cloud services, remote work, and microservices) make a traditional “trusted internal network” assumption unsafe. At a high level, Zero Trust works by continuously verifying identity and device posture, enforcing least privilege (only the minimum permissions needed), and segmenting access so a compromise in one area doesn’t automatically spread. Requests are evaluated using signals like user authentication, device health, location, and the sensitivity of the resource, then allowed only when policy conditions are met.
With Zero Trust, breaches tend to be contained and access is auditable and policy-driven; without it, a single stolen credential or compromised laptop can enable broad lateral movement and harder-to-detect data exposure. This gap exists because implicit trust turns the network into a shortcut around verification, while Zero Trust keeps verification in the access path.
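The contrast described above, as an added example that is not part of the original page: a default-deny policy check that uses the signals named earlier (authentication, device health, location, resource sensitivity), shown beside a perimeter check that trusts the internal network. The policy table, field names, roles and sample requests are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed policy; resource names, roles and countries are hypothetical.
POLICY = {
    "wiki":    {"sensitivity": "low",  "roles": {"employee", "finance"}},
    "payroll": {"sensitivity": "high", "roles": {"finance"}, "countries": {"DE", "US"}},
}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    authenticated: bool
    mfa: bool
    device_compliant: bool
    country: str
    internal_network: bool
    resource: str

def perimeter_decide(req: Request) -> bool:
    """Implicit-trust model: being on the internal network is enough."""
    return req.internal_network

def zero_trust_decide(req: Request) -> tuple[bool, list[str]]:
    """Default deny. Network location is never consulted; every failure is recorded."""
    rule = POLICY.get(req.resource)
    if rule is None:
        return False, ["no policy for resource"]
    reasons = []
    if not req.authenticated:
        reasons.append("user not authenticated")
    if not req.device_compliant:
        reasons.append("device not compliant")
    if req.role not in rule["roles"]:          # least privilege
        reasons.append("role lacks permission")
    if rule["sensitivity"] == "high":          # stricter checks for sensitive data
        if not req.mfa:
            reasons.append("mfa required")
        if req.country not in rule["countries"]:
            reasons.append("location not allowed")
    return not reasons, reasons

# Constructed requests: a stolen employee credential used from a compromised
# internal laptop, and a legitimate finance user working remotely.
STOLEN = Request("alice", "employee", True, False, False, "DE", True, "payroll")
REMOTE = Request("bob", "finance", True, True, True, "US", False, "payroll")

if __name__ == "__main__":
    for r in (STOLEN, REMOTE):
        print(r.user, "perimeter:", perimeter_decide(r), "zero trust:", zero_trust_decide(r))
```

The returned reason list is what makes each decision auditable: a denied request records which policy conditions failed, not just that it was refused.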