Zero Trust Architecture (ZTA) Expert Group

Back to discussions
Expand all | Collapse all

ZTT Expert Group Meeting Minutes 9/6

  • 1.  ZTT Expert Group Meeting Minutes 9/6

    Posted Sep 07, 2022 07:47:00 PM

    Hello all,

    Thank you for the thoughtful discussion yesterday. The meeting minutes have been updated and can be found here: https://drive.google.com/drive/folders/1fc9g7vUEuDA3qLDLk-0xoH12e_ZHRkA8 

    The recording for this meeting and future meetings can be found in the Library of the ZTT SME Circle group, along with the agendas/meeting minutes, and other relevant ZTT artifacts, such as the charter. The Circle group is invite-only, so if you do not have access to this group, please let us know ASAP and we can get that resolved. 

    All Modules for the ZT Training as well as the ZTT Glossary can be found here: https://drive.google.com/drive/folders/1RRq8MTFh19NCxw8bf5FH8Qito31mEC3F?usp=sharing

    Note: Please read modules 1-5 to get a good concept of the ZT/SDP training.

    ZT/SDP Resources Folderhttps://drive.google.com/drive/folders/10MWGbKutdSLYcCkC1IAMSJVO6apBXp4R?usp=sharing

    As a reminder, the training team's goal is to have the Zero Trust Planning module complete by mid-September. 

    Action Points:

    1. Assigned to all, please review Module 5 and provide comments/feedback by 9/13. 

      1. Link:https://docs.google.com/document/d/1d244goX54tGXbp22At_YPNEHn4kGLILQhTHE6g3Z0hA/edit?usp=sharing

    2. Course Introduction/Structure/Learning Objectives

      1. As a reminder to all, this section will be developed after M5 has been drafted properly 

    3. 5.1 Planning Phase

      1. 5.1.1 Discovery 

        1. Heinrich please consider the flow from Planning to Discovery, per Daniele's comment. Please add revisions to section flow by 9/13

      2. 5.1.1.6 Supply Chain Resilience

        1. Heinrich please have drafted by 9/13

      3. 5.1.5 Compliance 

        1. Heinrich please continue flushing out this section by 9/13

    4. 5.2 Gap Analysis 

      1. Alex S.,  please review the feedback from Michael Roza in this section by 9/13

    5. 5.3 Scope & Priority

      1. Shruti to work on wordsmithing use cases, as we will have a later module dedicated to use cases so this should only be a brief introduction by 9/13

    6. 5.4 Define the Protect Surface and the Attack Surface

      1. Shruti please continue flushing out this section by 9/13

    7. 5.5 Document Transaction Flows

      1. Mark Schlicting please review the feedback provided by the group by 9/13 

      2. 5.5.4 Key Takeaways

        1. This portion of text will be repurposed by the CSA Internal Team 

    8. 5.6 Define the Zero Trust Policies

      1. Prasad, please continue flushing out this section with the following in mind by 9/13

        1. The current feedback from Daniele 

        2. Is any material in this section outside the scope of this module? 

    9. 5.7 Develop Target Architecture
      1. Clement please review the feedback given by Michael H. and let us, the internal team, know what should be accepted or if the group should discuss the feedback further in this section by 9/13

    Thank you for your time and effort,



    ------------------------------
    Chandler Curran
    Training Project Administrator
    Cloud Security Alliance
    ------------------------------