Join Frederick Kautz in developing a sound strategy for a Zero Trust Architecture. We will start by developing a working definition of Zero Trust for inclusion in your organization’s security policies, standards, and procedures. We’ll then learn how to use various CNCF and other open source technologies to achieve this. The initial focus will be on cryptographic identities for workloads. We will then discuss defining controls that implement your organization’s security policies. DevOps/DevSecOps organizational requirements must also be defined, including automation of the application and observability requirements to help your Security Operations Center know the health of your system and respond to threats. We will then discuss how to onboard legacy systems into your Zero Trust environment. Finally, we will have a short discussion on changing your organization’s culture to adopt these technologies without bulldozing the valid concerns of your security experts or application architects.