This thing about Zero Trust security is just nuts.

The whole premise of trusting no one, no device and no system, regardless of whether they are within or outside the network sounds sensible on paper.

And its advocates and proponents enforce Zero Trust by placing an awful lot of trust in network policies, firewalls, IPS, IDS, cloud-based EDR / XDR and SIEM systems. And even the security guard at the doors of the datacentre.

Zero Trust? What Zero trust? Sound more Selective Trust. 🙄