Zero Trust Glossary of Terms
This glossary provides clear, concise definitions of key Zero Trust terms to aid security professionals, IT leaders, and decision-makers in optimizing and implementing core Zero Trust tenets and principles within their security strategies.
An authorization model that grants access based on the attributes of users or devices, such as location, role, or device type.
A cloud-based security solution that acts as an entry point for users and devices, authenticating and transporting zero trust traffic and allowing access to internal and cloud environments and the internet. In Dispersive’s architecture, these are just called Dispersive Gateways.
A method of verifying user identity continuously throughout the login process, using techniques like biometrics, behavioral analysis, or device fingerprinting.
An explicit definition of what data is allowed or denied across an organization’s network, ensuring only authorized access to sensitive resources.
The unique identifier assigned to each device or user, used for authentication and authorization purposes.
A cloud-based identity management solution that provides a centralized repository for user identities, credentials, and attributes.
An entity responsible for verifying user identities and issuing authentication tokens or credentials. Dispersive easily integrates with various IdPs.
The process of dividing an organization’s network into smaller segments to isolate sensitive resources from untrusted networks and devices.
A technique used in zero-trust architecture to isolate sensitive services from other network resources, using micro-segmentation and security groups.
The set of policies, procedures, and tools used to manage access to sensitive resources within a zero-trust network.
A security model that assumes all users and devices are untrusted by default, requiring continuous verification to access sensitive resources.
A security gateway that acts as a single point of entry for users and devices, authenticating and inspecting traffic before allowing access to the internal network. In Dispersive’s architecture, these are just called Dispersive Gateways.
A network design that segregates traffic into zones based on the trustworthiness of the source device or user, using secure communication protocols like encryption and authentication.
- Network Segmentation: Sensitive data and resources are isolated from the rest of the VPC using VLANs, subnets, or other network segmentation techniques.
- Access Control: Access to sensitive resources is controlled through Identity and Access Management (IAM) policies, which ensure that only authorized users can access those resources.
- Micro-segmentation in VPC: In addition to isolating data and resources from the rest of the network, micro-segmentation also applies to individual virtual machines or instances within the VPC.