Zero-Trust describes an ideal end-state of a transition from perimeter defense to continuous identity and access verification. It challenges DARPANET-era assumptions about “trusted” internal networks and “untrusted” external networks, like the internet. This strategy considers the possibility that threats may breach (or originate inside of) perimeter defenses and works to limit the lateral movement or blast radius of threat actors.