Zero Trust Architecture

NIST SP 800-207A ZTA for Cloud-Native Applications

NIST SP 800-207A extends the original ZTA guidance to cover cloud-native applications in multi-cloud environments. It addresses service mesh architectures, workload identity, microsegmentation, and API-centric access control patterns for containerized workloads.

GitHub

Documentation

📖
Documentation
https://csrc.nist.gov/pubs/sp/800/207/a/final
📖
Documentation
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207A.pdf

API entry from apis.yml

apis.yml Raw ↑ 
aid: zero-trust-architecture:nist-sp-800-207a
name: NIST SP 800-207A ZTA for Cloud-Native Applications
description: NIST SP 800-207A extends the original ZTA guidance to cover cloud-native applications in
  multi-cloud environments. It addresses service mesh architectures, workload identity, microsegmentation,
  and API-centric access control patterns for containerized workloads.
humanURL: https://csrc.nist.gov/pubs/sp/800/207/a/final
tags:
- Cloud Security
- Kubernetes
- NIST
- Zero Trust
properties:
- type: Documentation
  url: https://csrc.nist.gov/pubs/sp/800/207/a/final
- type: Documentation
  url: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207A.pdf