The National Security Agency is sharing new guidance to help organizations limit an adversary's movement on the internal network by adopting zero-trust framework principles.

The NSA has issued guidance on adopting zero-trust principles to counter internal network threats. Zero-trust architecture prevents unauthorized access and movement within networks by assuming threats exist and enforcing strict access controls. The approach includes data flow mapping, segmentation, and software-defined networking to minimize breach impacts. No CVEs are associated with this guidance.