Zero Trust Architecture (ZTA) Expert Group

ZTT Expert Group Meeting Minutes 8/30

  • 1.  ZTT Expert Group Meeting Minutes 8/30

    Posted Aug 31, 2022 04:59:00 PM

    Hello all,

    Thank you for the thoughtful discussion yesterday. The meeting minutes have been updated and can be found here: https://drive.google.com/drive/folders/1fc9g7vUEuDA3qLDLk-0xoH12e_ZHRkA8 

    The recording for this meeting and future meetings can be found in the Library of the ZTT SME Circle group, along with the agendas/meeting minutes, and other relevant ZTT artifacts, such as the charter. The Circle group is invite-only, so if you do not have access to this group, please let us know ASAP and we can get that resolved. 

    All Modules for the ZT Training as well as the ZTT Glossary can be found here: https://drive.google.com/drive/folders/1RRq8MTFh19NCxw8bf5FH8Qito31mEC3F?usp=sharing

    Note: Please read modules 1-5 to get a good concept of the ZT/SDP training.

    ZT/SDP Resources Folderhttps://drive.google.com/drive/folders/10MWGbKutdSLYcCkC1IAMSJVO6apBXp4R?usp=sharing

    Please review the Module 4 self-paced course. This is the first round of review so please provide your harshest feedback. Module 4 Review Links:

    1. Unit 1: https://360.articulate.com/review/content/36452a0d-ebcf-4e81-8d70-d1c12d702da9/review  
    2. Unit 2: https://360.articulate.com/review/content/96318246-53b9-4b23-8460-4ecc766f574d/review
    3. Unit 3: https://360.articulate.com/review/content/940ade8c-15b9-4b94-83d5-2a38fcb2e39b/review
    4. Unit 4: https://360.articulate.com/review/content/ceb8c47c-d217-4602-996f-eaadec604da2/review
    5. Unit 5: https://360.articulate.com/review/content/fcfa0cfb-4110-4be4-bcae-9ef181604ee5/review

    Action Points (APs):

    1. Assigned to all, please review Module 5 and provide comments/feedback by 9/6. 

      1. Link:https://docs.google.com/document/d/1d244goX54tGXbp22At_YPNEHn4kGLILQhTHE6g3Z0hA/edit?usp=sharing

    2. Course Introduction/Structure

      1. As a reminder to all, this section will be developed after M5 has been drafted properly 

    3. Learning Objectives

      1. CSA Internal team will continue working on these

    4. 5.1 Planning Considerations

      1. Alex S. please flush out this section based on Daniele's suggestions by 9/6

      2. 5.1.1 Discovery 

        1. Heinrich please consider the flow from Planning to Discovery as discussed in the meeting. Please add revisions to section flow by 9/6

      3. 5.1.1.6 Supply Chain Resilience

        1. Heinrich please have drafted by upcoming meeting on 9/1

    5. 5.2 Planning Phase

      1. Matt please review and provide feedback on Alex's edits by 9/6

      2. Matthew and Robert please review this text by 9/6

      3. Alex please review Daniele's feedback and continue working on Planning Phase 

    6. 5.3 Gap Analysis 

      1. Alex S.  please continue to edit this section by 9/6

    7. 5.4 Scope & Priority

      1. Shruti to work on wordsmithing use cases, and making them precise as we will have a later module dedicated to use cases so this should only be a brief introduction

    8. 5.5 Protect and Attack Surface

      1. Shruti please continue flushing out this section

        1. The NISTAC Report-Table 3 was mentioned as a helpful reference

        2. Please define entitlement per Daniele's comment

      2. Ledy please suggest a graphic to visualize the difference between PS & AS by 9/6 

    9. 5.6 Define the PEP Policies

      1. Prasad, please review this section about policy or PEP policy by 9/6.

    10. 5.7 Develop the Conceptual Architecture

      1. Michael H. and Clement please continue your work in this section and flesh out the text by 9/6

    11. 5.9 ZT Go Live Planning: Monitor & Maintain

                       a. Alex S. Please review Shruti's work in this section by 9/6

     
    Thank you all for your time and effort.


    ------------------------------
    Chandler Curran
    Training Project Administrator
    Cloud Security Alliance
    ------------------------------