diff --git a/community/resources/zero-trust-whitepaper/v1/cloud-native-zero-trust-whitepaper.md b/community/resources/zero-trust-whitepaper/v1/cloud-native-zero-trust-whitepaper.md index 5c990b1cf..364f3997c 100644 --- a/community/resources/zero-trust-whitepaper/v1/cloud-native-zero-trust-whitepaper.md +++ b/community/resources/zero-trust-whitepaper/v1/cloud-native-zero-trust-whitepaper.md @@ -95,7 +95,7 @@ Building on the extensive discourse surrounding Zero Trust principles over the y To follow the tenet of *Assume a Breach*, organizations must operate as if their systems are already hacked. This mindset encourages the development and implementation of security strategies that are inherently resilient and capable of detecting, containing, and mitigating threats in real time. -The tenet of Always Verify emphasizes the necessity of continuous authentication, authorization, and monitoring for every interaction within the system, regardless of its origin. This tenet rejects the notion of implicit trust, instead insisting on rigorous verification of all entities — users and services, internal and external. In practice, this involves the actions of eliminating implicit trust, minimizing explicit trust, and monitoring behavior to verify trustworthiness. +The tenet of *Always Verify* emphasizes the necessity of continuous authentication, authorization, and monitoring for every interaction within the system, regardless of its origin. This tenet rejects the notion of implicit trust, instead insisting on rigorous verification of all entities — users and services, internal and external. In practice, this involves the actions of eliminating implicit trust, minimizing explicit trust, and monitoring behavior to verify trustworthiness. The following table summarizes the Cloud Native principles of Zero Trust as detailed in the remainder of this chapter. The evidence for the principles below is discussed in **[NIST SP 800-207](https://csrc.nist.gov/pubs/sp/800/207/final)** chapter 2 *“Zero trust Basics”* with further details in chapter 3 “*Logical Components of Zero Trust Architecture*”*.* While the NIST paper discusses all kinds of systems, in generic terms such as assets and resources, here we focus solely on Cloud Native systems with a higher level of nuance.