Term · 30. Big4 Advisory Framing

Forrester Zero Trust (originator framework) ZTX

Framework Source: Forrester

AuthZ Identity Security Standards NIST Introduced by: Forrester

Definition

Originated by Forrester analyst John Kindervag in 2010 as «No more chewy centers — abolish the trusted network», Zero Trust replaces perimeter-based security with «never trust, always verify» applied to every access request. Forrester's Zero Trust eXtended (ZTX) framework spans 7 pillars: Workforce, Device, Workload, Network, Data, Visibility & Analytics, and Automation & Orchestration. Identity is the central control plane.

Synonyms

Zero Trust eXtended
Forrester ZTX
Zero Trust Architecture

Application: Adopted by enterprises as architecture pattern for cloud migration, hybrid workforce, and reducing lateral movement risk. IDM/IAM impact: every access decision requires continuous identity + device + context verification (CARTA-aligned); least-privilege via JIT/JEA; microsegmentation tied to identity attributes; ITDR for detecting compromised identities.

Standards & regulations

NIST SP 800-207 «The term “zero trust” was coined by John Kindervag of Forrester Research Inc. Zero trust refers to an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters t»

Sources

Forrester — Zero Trust resources primary source
NIST SP 800-207 Zero Trust Architecture (technical reference) industry commentary

Related terms

← Back to glossary · Open in main list