At its core a zero trust architecture trusts no one, not users, not applications and not systems. Every interaction must be verified and authenticated. When properly implemented zero trust can make it extremely difficult for an attacker to reach their intended target.
