Zero Trust: Beyond the Buzzwords
7 February 2023 | State of Open, London UK
“Zero Trust” is a term that’s everywhere these days. But what does it really mean? What’s it really trying to achieve? And how can we implement something that actually increases our security? In this session, Matt will cover zero-trust networking, succinctly defining it with five criteria. He’ll talk about how this can be implemented in modern and traditional environments alike, and how the latest NIST standards can guide us in building high-trust systems. He will also explore the compute side of things, from the use of containerisation and eBPF for strong isolation, to trusted execution environments tied to TPMs. He will focus on practical supply chain issues - using SBOMs to know what’s in software images, building custom minimal images, and keeping ca-certs up to date.