{"id":22322,"date":"2018-12-17T17:00:45","date_gmt":"2018-12-17T17:00:45","guid":{"rendered":"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/?p=87163"},"modified":"2018-12-17T17:00:45","modified_gmt":"2018-12-17T17:00:45","slug":"zero-trust-part-1-identity-and-access-management","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/","title":{"rendered":"Zero Trust part 1: Identity and access management"},"content":{"rendered":"<p>Once in a while, a simple phrase captures our imagination, expressing a great way to think about a problem. Zero Trust is such a phrase. Today, I\u2019ll define Zero Trust and then discuss the first step to enabling a Zero Trust model\u2014strong identity and access management. In subsequent blogs, we\u2019ll cover each capability of a Zero Trust model in detail and how Microsoft helps you in these areas and end the series of blogs by discussing Microsoft\u2019s holistic approach to Zero Trust and our framework.<\/p>\n<h3>Zero Trust defined\u2014everything is on the open internet<\/h3>\n<p>In some ways, the easiest way to think about Zero Trust is to assume everything is on the open internet, even resources we think are safe in our \u201cwalled gardens.\u201d With Zero Trust, we move from the world of implicit assumptions made based on single elements to explicit verification of all elements of access.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-87175\" src=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-1.png\" alt=\"\" width=\"640\" height=\"360\" srcset=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-1.png 640w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-1-300x169.png 300w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-1-330x186.png 330w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-1-400x225.png 400w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\"\/><\/p>\n<p>Attacks are at an all-time high, and most are effective because of assumptions based on the idea that users are safe on corporate networks. These assumptions may have made sense 25 years ago because only email could flow beyond the corporate network, remote work was rare, and personal device use for work was virtually unheard of.<\/p>\n<p>But even in the early days, hackers took advantage of these assumptions. From abusing dial-in numbers for remote work on FTP servers to stealing credentials for email, attackers have long known that once you have ports facing the outside world, your whole network is out there too.<\/p>\n<p>You may have hardened your external access points by requiring Multi-Factor Authentication (MFA) or certifications to access your VPN, but in our investigations we see time and time again that either because of new exploits, or because of exceptions made to reduce friction with demanding (and sometimes VIP) workers, the assumption that \u201cif they are on my network, it\u2019s OK\u201d is not good enough.<\/p>\n<h3>First step to enable a Zero Trust model\u2014strong identity and access management<\/h3>\n<p>When we talk about a Zero Trust model\u2014and assuming that all of our users, applications, machines, and users are on the internet\u2014we move from a model of implicit trust to one of explicit verification, where:<\/p>\n<ul>\n<li>Rather than assuming we have a user that is in a high assurance session (for example: MFA) because of the network, we verify the claim explicitly.<\/li>\n<li>Instead of assuming the user has a valid machine because of the network, we verify the device explicitly.<\/li>\n<li>Instead of allowing access to file shares because the user is on the network, we explicitly classify and encrypt data\u2014and so forth.<\/li>\n<\/ul>\n<p>Increasingly, everything <em>is<\/em> on the open internet. When your users access their cloud-hosted email from a personal smartphone in a caf\u00e9 on a business trip, virtually all elements of that interaction are outside of your traditional \u201cwalled garden.\u201d The device, network, and application (code and hardware) fall outside and are not in your direct control, but your ability to validate and set policy on them is.<\/p>\n<p>With the many networks, devices, and applications needed in daily business, the only common denominator is the user. This is why we\u2019ve said, \u201cIdentity is the control plane.\u201d It\u2019s critical to establish who the user is as the core of trust for other transactions. If we aren\u2019t sure who the user is, no other system access control or security matters. Once we <em>are<\/em> sure of the user, we can explicitly verify every element of access whether our resources are on-premises, in cloud-hosted servers, or managed by third-party SaaS apps like Office 365.<\/p>\n<p>A robust Zero Trust strategy considers the full context of the session to determine its overall risk: the identity of the user plus the state of their device, the apps they\u2019re using, and the sensitivity of the data they\u2019re trying to access. It then applies holistic policies that define when to allow, block, or restrict access, or control it by requiring additional authentication challenges such as MFA, limiting functionality such as downloads, or applying compliance controls such as terms of use. This way, a hacker trying to gain access using stolen credentials on an unknown device will be blocked, as will a verified user running a healthy device trying to access data they don\u2019t have permission to see. This strategy not only protects against external threats, but it also helps create guardrails so well-meaning employees can use organizational resources responsibly.<\/p>\n<p>Azure Active Directory (Azure AD) provides the strong, adaptive, standards-based identity verification required in a Zero Trust framework. While Azure AD provides intrinsically strong authentication (including automatic adaptive protection against many attacks), it also allows admins to express their access requirements in simple terms. Virtually every aspect of each sign-in (including associated user or session risk) is available to define the conditions under which access policies are applied. A framework of controls such as additional authentication factors, terms of use, limited access, and other session semantics regulates access. This guarantees we are \u201csecure at access\u201d in our Zero Trust approach.<\/p>\n<p><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-Image-1b.png\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-87193 size-large\" src=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-Image-1b-1024x577.png\" alt=\"\" width=\"1024\" height=\"577\" srcset=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-Image-1b-1024x577.png 1024w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-Image-1b-300x169.png 300w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-Image-1b-768x432.png 768w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-Image-1b-330x186.png 330w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-Image-1b-800x450.png 800w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-Image-1b-400x225.png 400w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2018\/12\/Zero-Trust-part-1-Image-1b.png 1428w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\"\/><\/a><\/p>\n<p align=\"center\"><em>Azure AD conditional access applies intelligent policies to signals about users, devices, locations, and apps.<\/em><\/p>\n<p>A successful Zero Trust strategy requires seamless and flexible access to applications, systems, and data while maintaining security for both users and the resources they need to do their jobs. It requires being cloud-ready, starting with identity, and then <a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/security\/azure-ad-secure-steps\" rel=\"noopener\">taking steps<\/a> that will help secure all areas of your environment to:<\/p>\n<ul>\n<li>Strengthen your credentials. If users in your identity system are using weak passwords and not strengthening them with MFA, it isn\u2019t a matter of if or when you get compromised\u2014just how often you will be compromised.<\/li>\n<li>Reduce your attack surface area. To make life harder for hackers, eliminate using older, less secure protocols, limit access entry points, and exercise more significant control of administrative access to resources.<\/li>\n<li>Automate threat response. Reduce costs and risks by reducing the time criminals have to embed themselves into your environment.<\/li>\n<li>Increase your awareness. Use auditing and logging of security-related events and related alerts to help detect patterns that may indicate internal attacks or attempted or successful external penetration of your network.<\/li>\n<li>Enable user self-help. Reduce friction by empowering your users to stay productive, even as you remain vigilant.<\/li>\n<\/ul>\n<p>Read <a target=\"_blank\" href=\"https:\/\/aka.ms\/securitysteps\" rel=\"noopener\">Five steps to securing your identity infrastructure<\/a> to learn more.<\/p>\n<h3>Next in our series on Zero Trust\u2014keeping data safe<\/h3>\n<p>Identity and access management is one important element of your Zero Trust strategy\u2014along with others such as data encryption, analytics, device verification, and automation. In part 2 of our Zero Trust series, we\u2019ll talk about keeping data safe as part of your Zero Trust model. To learn more about how identity and access management enable a Zero Trust model, <a target=\"_blank\" href=\"https:\/\/www.microsoft.com\/en-us\/videoplayer\/embed\/RE2MFIC\" rel=\"noopener\">listen to our webcast<\/a>.\u00a0For more details about Zero Trust, read <a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/06\/14\/building-zero-trust-networks-with-microsoft-365\/\" rel=\"noopener\">Building Zero Trust networks with Microsoft 365<\/a>.<\/p>\n<p>READ MORE <a href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/12\/17\/zero-trust-part-1-identity-and-access-management\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In part one of our series, Ill define Zero Trust and then will discuss the first step to enabling a Zero Trust modelstrong identity and access management.<br \/>\nThe post Zero Trust part 1: Identity and access management appeared first on Microsoft Secure. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":22323,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[347],"class_list":["post-22322","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Zero Trust part 1: Identity and access management 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zero Trust part 1: Identity and access management 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-12-17T17:00:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/zero-trust-part-1-identity-and-access-management.png\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"360\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Zero Trust part 1: Identity and access management\",\"datePublished\":\"2018-12-17T17:00:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/\"},\"wordCount\":1149,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/zero-trust-part-1-identity-and-access-management.png\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/\",\"name\":\"Zero Trust part 1: Identity and access management 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/zero-trust-part-1-identity-and-access-management.png\",\"datePublished\":\"2018-12-17T17:00:45+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/zero-trust-part-1-identity-and-access-management.png\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/zero-trust-part-1-identity-and-access-management.png\",\"width\":640,\"height\":360},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/cybersecurity\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Zero Trust part 1: Identity and access management\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Zero Trust part 1: Identity and access management 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/","og_locale":"en_US","og_type":"article","og_title":"Zero Trust part 1: Identity and access management 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-12-17T17:00:45+00:00","og_image":[{"width":640,"height":360,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/zero-trust-part-1-identity-and-access-management.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Zero Trust part 1: Identity and access management","datePublished":"2018-12-17T17:00:45+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/"},"wordCount":1149,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/zero-trust-part-1-identity-and-access-management.png","keywords":["Cybersecurity"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/","url":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/","name":"Zero Trust part 1: Identity and access management 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/zero-trust-part-1-identity-and-access-management.png","datePublished":"2018-12-17T17:00:45+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/zero-trust-part-1-identity-and-access-management.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/12\/zero-trust-part-1-identity-and-access-management.png","width":640,"height":360},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/zero-trust-part-1-identity-and-access-management\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/www.threatshub.org\/blog\/tag\/cybersecurity\/"},{"@type":"ListItem","position":3,"name":"Zero Trust part 1: Identity and access management"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/22322","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=22322"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/22322\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/22323"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=22322"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=22322"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=22322"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}