← Back to tools

Zero Trust Maturity

Domain self-assessment (identity, network, data, ops) with gaps and weekly actions.

Identity

MFA required for users and admins

Passwordless / phishing-resistant for critical roles

Automated joiner–mover–leaver with reviews

PAM / JIT for administrative privilege

Inventory and rotation of non-human identities

Devices

Trusted inventory of endpoints and servers

Device posture required for sensitive access

Network

Segmentation / microsegmentation beyond perimeter

Remote access via ZTNA (not flat VPN)

Applications

Central SSO for business apps

Fine-grained authorization (RBAC/ABAC) reviewed

Data

Sensitive data classification applied

Encryption in transit and at rest for critical assets

Ops & detection

Centralized auth, admin, and sensitive-data logs

Identity / privilege anomaly detection

Identity incident response playbooks tested

Zero Trust score 0
Status

By domain

Biggest gaps (prioritize this week)

    3 actions this week

      Qualitative self-assessment — not a formal audit. Zero Trust is maturity, not a product.