awesome-zero-trust
home
awesome-zero-trust | home | |
---|---|---|
3 | 1 | |
706 | 218 | |
0.0% | - | |
0.0 | 3.1 | |
over 1 year ago | over 1 year ago | |
- | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
awesome-zero-trust
- Curated collection of resources for the zero trust security model
-
Single sign-on and identity for government services: What we've learned so far
Two great places to start are "Beyond Corp"/zero trust and "WebAuthN". BeyondCorp is the name brand of a zero trust model, where the perimeter security model is broken down for authorization ("authz") and authentication ("authn") everywhere. WebAuthN is using PKI infrastructure with a purposeful UX to migrate off usernames and passwords for authentication.
https://www.beyondcorp.com/
https://github.com/pomerium/awesome-zero-trust/
https://webauthn.guide/
-
NSA Issues Guidance on Zero Trust Security Model
I found the the NIST / UK docs similarly high-level albeit more exhaustive. Gitlab and google's write-ups are a good read if you are looking for more of an operationalized perspective on zero-trust principles.
home
What are some alternatives?
traefik-forward-auth - Minimal forward authentication service that provides Google/OpenID oauth based login and authentication for the traefik reverse proxy
awesome-iam - 👤 Identity and Access Management knowledge for cloud platforms
trasa - Zero Trust Service Access
Ory Hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
Pomerium - Pomerium is an identity and context-aware reverse proxy for zero-trust access to web applications and services.
TheIdServer - OpenID/Connect, OAuth2, WS-Federation and SAML 2.0 server based on Duende IdentityServer and ITFoxtec Identity SAML 2.0 with its admin UI
Ockam - Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.
OpenAM - OpenAM is an open access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security.