Zero Trust Journey
Zero Trust Journey isn’t about taking sides—it’s about real conversations, sharing research, and learning together. Our goal is to explore Zero Trust from every angle and help cybersecurity practitioners make sense of it in a practical, no-fluff way. And yes, we do love to chat about coffee and listen to the occasional dad joke along the way.
Here’s what we do:
- Conversations with Experts: We chat with subject matter experts who share their opinions, experiences, and Zero Trust journeys.
- Research and Product Insights: We explore Zero Trust products and solutions in the market that may fit into a Zero Trust architecture.
- A Zero Trust Architecture: We’re building and refining an ever-growing architecture focused solely on the needs of cybersecurity practitioners.
- CSA CCZT Study Group: We host a study group for the Cloud Security Alliance (CSA) Certificate of Competence in Zero Trust (CCZT).
If you’re a cybersecurity professional looking for honest discussions, practical insights, and tools that evolve with your Zero Trust strategy (plus the occasional coffee tip), Zero Trust Journey is for you. Join us!
Zero Trust Journey
Episode 20: NIST SP 1800-35 Implementing a Zero Trust Architecture
In this episode, hosts Dr. Victor Monga and Zach Pugh unpack one of the most actionable Zero Trust resources available today—NIST Special Publication 1800-35. Unlike its predecessor SP 800-207, this guide dives deep into the how of Zero Trust, providing lab-tested architectures from 24 vendor collaborators including Microsoft, Palo Alto, and Zscaler.
Victor and Zach explore how NIST’s Enhanced Identity Governance (EIG) model and real-world testing—complete with adversary emulations—finally give security leaders the blueprint they’ve been waiting for. They spotlight implementation gaps, integration hurdles, and the importance of continuous validation—not just visibility.
Highlights:
--| Why SP 1800-35 is the most practical Zero Trust guide to date.
--| Enhanced Identity Governance and the identity-first foundation.
--| Lessons from 19 tested architectures: what worked and what broke.
--| Continuous validation as a Zero Trust necessity.
--| Crawl, Walk, Run: Using the NIST maturity model to begin your journey.
--| Mapping ZTA to real-world missions and risk-based prioritization.
This is not just another framework—it's your implementation playbook. Tune in to understand what’s really required to make Zero Trust work at scale.
Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges.
Disclaimer: The views expressed are those of the speakers.
