With a full scale ZTA implementation, it is unlikely that adversaries will be able to spread through a corporate network using a compromised endpoint. However, the already authenticated and authorised session of the compromised endpoint can be leveraged to perform limited malicious activities, ultimately rendering endpoints the Achilles heel of ZTA. In order to effectively detect such attacks, distributed intrusion detection systems with an attack-scenario-based approach have been developed. That said, APTs have demonstrated their ability to bypass this approach with high success ratio. Motivated by the convergence of ZTA and blockchain-based intrusion detection and prevention, we examine how ZTA can be augmented onto endpoints.
Understand the why behind the needed transition to borderless networks from perimeter-based networks and therefore defenses.
Understand, describe and further discuss a major weakness in ZTA, namely the endpoint itself. This will provoke further discussion into a proposed solution via blockchain, including when and where it might be most useful.
Gain understanding and insights of the available ZTA deployments models as well as their mapping to real world implementations (such contains vendor reference but can be removed and stick to available models and their attributes).