Cloudflare Docs
Learning Paths
Edit this page on GitHub
Set theme to dark (⇧+D)

What is Zero Trust?

  1 min read

Zero Trust is a security approach built on the assumption that threats are already present within an organization. In a Zero Trust approach, no user, device, or application is automatically trusted — instead, strict identity verification is applied to every request anywhere in a corporate network, even for users and devices already connected to that network.

Zero Trust emphasizes the principle of least privilege for access control, where users only have access to the applications they need to do their job. More importantly, once the user’s identity is confirmed, Zero Trust still does not automatically trust that person’s actions. Instead, Zero Trust enforces continuous verification of user and device identity: users are required to periodically reauthenticate, and every request is monitored and inspected individually for compromised activity.

The primary benefit of a Zero Trust security model is to help reduce an organization’s attack surface. Because Zero Trust only grants access to a specific application and denies access to all other resources by default, a compromised user acount or device will only impact a small segment of the network.