top of page
  • Writer's pictureWill Francillette

Implementing CISA’s Zero Trust Architecture: A Microsoft Approach - Introduction

CISA Zero Trust Architecture

Today, I want to start a new series on a topic that has a lot of misconception and have been misused for commercial gain. It's often resumed by "don't trust anything" or "verify everything" but there's more to it.

It's when I read "Zero Trust overview and playbook introduction" by Mark Simos, that I realised how much I didn't know and that it was time to refine my knowledge on this architectural model.

Zero trust is not a product but a complete framework.

Zero Trust is not a silver bullet! No single action or technology product can provide an easy miracle cure for security risks.

Mark Simos, Zero Trust overview and playbook introduction, Packt

During my quest, I discovered multiple vendor agnostic documentations developed by government or independent institutions aiming to educate and help organisations of all sizes improving their security and increasing the attacker cost for an attack. Many resources are publicly available and free of charge. They establish a vision and roadmap to strengthen your environment and enable a different way to tackle security.

For every document I read, I couldn't stop referencing Microsoft and Azure security ecosystem and when I came across Zero trust maturity model from the Cybersecurity and Infrastructure Security Agency (CISA), I thought it was a perfect baseline for this series. The document is brief, simple and provides a table to implement the Zero trust pillars at different stage of maturity.

Zero Trust Maturity Journey

There are 5 independent pillars and an additional 3 spanning across them as illustrated below:

Zero trust Pillars

We will look at each of those pillars, map every functions/capabilities to its Microsoft/Azure product, have a glimpse the equivalent feature.

You may ask why should you adopt Microsoft ecosystem?

  • Coverage:

  • Integration:

  • Development:

  • Documentation:

  • Community:

  • Licencing:

I hope this series will help embarking to the Zero trust journey, and demystify the concept. For those who may want to deep dive in the architecture, I have added all the resources I used during this journey in the references section.

Thanks for reading!



I am a Microsoft Solutions Architect specialized in Microsoft 365, Entra and Azure security products at Threatscape.

I love learning, blogging and coding. My interests are very diverse and span across architecture, security, cloud engineering, automation, DevOps and PowerShell.

I own over a dozen Microsoft certifications and have worked in IT across multiple and diverse industries for over 15 years.


bottom of page