Free Zero Trust — 6 Pillars (with Microsoft examples)
Visual map of the Zero Trust security framework and its six pillars, including Identities, Endpoints, Apps, Data and Infrastructure. Free mind map.
Zero Trust isn't a product. It's a framework with six defense areas. Here's the structure — and which Microsoft tools you'd reach for in each.
Frequently Asked Questions
What is Zero Trust in plain English?
Zero Trust is a security strategy built on the principle 'never trust, always verify'. Every access request — even from inside your network — must be authenticated, authorised, and continuously evaluated. It assumes breach: someone is already inside, so every layer needs to defend itself, not rely on a perimeter.
What are the three core principles?
Verify explicitly (authenticate every request based on all available signals — identity, device, location, risk). Use least privilege (just-in-time, just-enough access; risk-based adaptive policies). Assume breach (segment access, encrypt end-to-end, use analytics for detection).
Is Zero Trust a Microsoft thing?
No — Zero Trust is a vendor-neutral framework first articulated by Forrester and now adopted by NIST, CISA, and most major cloud vendors. Microsoft's implementation maps each pillar to specific products (Entra ID for identities, Intune for endpoints, Defender for endpoints/apps/cloud, Purview for data, Azure Firewall for network). Other vendors do the same with their products.
Which pillar should I start with?
Identities. Strong MFA + Conditional Access stops the majority of identity-based attacks and is the foundation everything else relies on. CISA recommends maturing identity to 'Advanced' before going deep on the other pillars. From there, Endpoints (compliant devices) and Data (classification + DLP) are typically the highest-leverage next steps.
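As an added example (not from the original page or from Microsoft), the following Python audits Conditional Access policies for the identity starting point described above: an enforced policy that requires MFA for all users and all apps. The policy names, the break-glass placeholder and the sample export are constructed; the field names assume the Microsoft Graph conditionalAccessPolicy JSON shape.

```python
# Added example: audit Conditional Access policies against an identity baseline
# (an enforced policy requiring MFA for all users and all apps). POLICIES is
# constructed sample data; names and IDs are placeholders, not tenant data.
POLICIES = [
    {"displayName": "MFA pilot (report-only)",
     "state": "enabledForReportingButNotEnforced",
     "conditions": {"users": {"includeUsers": ["All"]},
                    "applications": {"includeApplications": ["All"]}},
     "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
    {"displayName": "MFA or compliant device",
     "state": "enabled",
     "conditions": {"users": {"includeUsers": ["All"]},
                    "applications": {"includeApplications": ["All"]}},
     "grantControls": {"operator": "OR",
                       "builtInControls": ["mfa", "compliantDevice"]}},
    {"displayName": "MFA for all users",
     "state": "enabled",
     "conditions": {"users": {"includeUsers": ["All"],
                              "excludeUsers": ["<break-glass-object-id>"]},
                    "applications": {"includeApplications": ["All"]}},
     "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
]

def baseline_gaps(policy):
    """Return the reasons this policy does not enforce MFA for everyone."""
    gaps = []
    if policy.get("state") != "enabled":
        gaps.append("not enforced")
    cond = policy.get("conditions") or {}
    if "All" not in (cond.get("users") or {}).get("includeUsers", []):
        gaps.append("does not target all users")
    if "All" not in (cond.get("applications") or {}).get("includeApplications", []):
        gaps.append("does not target all apps")
    grant = policy.get("grantControls") or {}
    controls = grant.get("builtInControls", [])
    if "mfa" not in controls:
        gaps.append("MFA is not a grant control")
    elif grant.get("operator") == "OR" and len(controls) > 1:
        gaps.append("MFA is optional (another control satisfies OR)")
    return gaps

def audit(policies):
    """Map each policy name to its gaps; the baseline is met if any has none."""
    report = {p["displayName"]: baseline_gaps(p) for p in policies}
    return report, any(not g for g in report.values())

if __name__ == "__main__":
    print(audit(POLICIES))
```

A report-only policy and an "MFA or compliant device" policy both look like coverage in a policy list, but only the third sample policy actually enforces MFA on every sign-in.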