Skip to content

Commit 8c39c75

Browse files
Stacyrch140Stacyrch140
authored
Merge pull request #225726 from batamig/zero-trust-include
replacing ZT intro text with an include file we can reuse
2 parents 6724449 + d1e6033 commit 8c39c75

File tree

2 files changed

+16
-5
lines changed

2 files changed

+16
-5
lines changed

articles/sentinel/sentinel-solution.md

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -12,11 +12,7 @@ ms.collection:
1212

1313
# Monitor Zero Trust (TIC 3.0) security architectures with Microsoft Sentinel
1414

15-
[Zero Trust](/security/zero-trust/zero-trust-overview) is a security strategy for designing and implementing security principles that assumes breach, and verifies each request as though it originated from an uncontrolled network. A Zero Trust model implements the following security principles:
16-
17-
- **Verify explicitly**: Always authenticate and authorize based on all available data points.
18-
- **Use least privilege access**: Limit user access with Just-In-Time and Just-Enough-Access (JIT/JEA), risk-based adaptive policies, and data protection.
19-
- **Assume breach**: Minimize blast radius and segment access. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses.
15+
[!INCLUDE [zero-trust-principles](../../includes/security/zero-trust-principles.md)]
2016

2117
This article describes how to use the Microsoft Sentinel **Zero Trust (TIC 3.0)** solution, which helps governance and compliance teams monitor and respond to Zero Trust requirements according to the [TRUSTED INTERNET CONNECTIONS (TIC) 3.0](https://www.cisa.gov/tic) initiative.
2218

includes/security/zero-trust-principles.md

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
---
2+
author: batamig
3+
ms.service: security
4+
ms.topic: include
5+
ms.date: 01/31/2023
6+
ms.author: bagol
7+
ms.collection:
8+
- zerotrust-services
9+
---
10+
11+
[Zero Trust](/security/zero-trust/zero-trust-overview) is a security strategy for designing and implementing the following sets of security principles:
12+
13+
|Verify explicitly |Use least privilege access |Assume breach |
14+
|---------|---------|---------|
15+
|Always authenticate and authorize based on all available data points. | Limit user access with Just-In-Time and Just-Enough-Access (JIT/JEA), risk-based adaptive policies, and data protection. | Minimize blast radius and segment access. Verify end-to-end encryption and use analytics to get visibility, drive threat detection, and improve defenses. |

0 commit comments

Comments
 (0)