Dear All,
The NIST National Cybersecurity Center of Excellence (NCCoE) has released the final practice guide, Implementing a Zero Trust Architecture (NIST SP 1800-35). This publication outlines results and best practices from the NCCoE effort featuring work with 24 vendors to demonstrate end-to-end Zero Trust Architectures.
As an enterprise’s data and resources have become distributed across on-premises and multiple-cloud environments, protecting them has become increasingly challenging. Many users need options to access information across the globe, at all hours, across devices. The NCCoE addressed these unique challenges by collaborating with industry participants to demonstrate 19 sample Zero Trust Architecture implementations.
Detailed technical information for each sample implementation can serve as a valuable resource for technology implementers by providing models they can replicate. The best practices and lessons learned from the implementations and integrations can help organizations save time and resources.
Two resources of NIST SP 1800-35 have been released:
A “High-Level Document in PDF Format” serves as introductory reading with insight into the project effort, including a high-level summary of project goals, reference architecture, various ZTA implementations, and findings.
A “Full Document in Web Format” provides in-depth details about technologies leveraged, their integrations and configurations, and the use cases and scenarios demonstrated. It also contains information on the implemented security capabilities and their mappings to the NIST Cybersecurity Framework (CSF), NIST SP 800-53r5, and NIST critical software security measures.
NIST Final SP 1800-35, Implementing a Zero Trust Architecture
NIST SP 1800-35 highlights the importance of continuous diagnostics and monitoring as a core ZT principle. In a large, dynamic environment (hybrid cloud, remote users, diverse devices), what are the biggest challenges in achieving truly continuous and actionable visibility into device posture, user behavior, and environmental context? How can emerging technologies (beyond standard SIEM) help close these visibility gaps?
I hope everyone participates by sharing their thoughts and insights on this topic.
Thanks in advance!
Kyaw Myo Oo
Information Security Officer, CB BANK PCL
CCIE #58769 | CISSP | CRISC | PMP | CCSM | SAA-C03 | PCNSE
https://www.linkedin.com/in/kyaw-myo-oo/