cybersecurity pattern
Zero Trust Architecture
Never trust, always verify. Modern security model assuming breach and verifying every request.
Time
Architectural decision
Space
N/A
🧠Mental Model
“Airport security - even pilots get checked. Being inside doesn't mean you're trusted.”
Verbal cue: Verify explicitly, least privilege, assume breach.
🎯Recognition Triggers
When you see these patterns in a problem, consider this approach:
zero trustnetwork securityidentity verificationmicrosegmentationBeyondCorp
💡Interview Tips
- 1Zero Trust replaces perimeter-based security
- 2Mention Google's BeyondCorp as reference implementation
- 3Key components: identity, device, network, application, data
⚠️Common Mistakes
- ✕Thinking VPN = Zero Trust (it's not)
- ✕Only applying Zero Trust to external users
- ✕Not considering device posture