General FAQs

What is Zero Trust?

Zero Trust is a security model that assumes breach and explicitly verifies every request as though it originates from an uncontrolled network. The Zero Trust model is based on the principle of “never trust, always verify” and assumes breach. The Zero Trust model is a holistic approach to securing all access across your networks, applications, and environment. The Zero Trust model can be applied to identity, devices, applications, data, infrastructure, and networks.

How does the Microsoft Zero Trust Workshop align with NIST?

The Zero Trust Workshop aligns with Microsoft's Zero Trust Architecture, which aligns with NIST. One of the main drivers of this workshop was looking at how our Microsoft product landscape maps across the entire NIST architecture.

Where does the Workshop tool store its data?

The Zero Trust Workshop tool stores the data in the browser local storage of the device. To move between devices, or back up the data, use the export functionality and re-import at a later time. It is recommended to reset the app and clear all data after you complete the workshop.

What permissions do I need for the Microsoft Zero Trust Assessment?

The Zero Trust Assessment app requires read-only permissions to read your tenant configuration. See the ZT Assessment Guide page for more details.

Is this an official Microsoft product?

No. It is a community project that is maintained by Microsoft employees. The tools are provided as-is and are not supported through any Microsoft support program or service. Please do not contact Microsoft support with any issues or concerns.

How do I get support?

Please raise an issue on the Zero Trust Assessment GitHub repo.

What is Zero Trust?​

How does the Microsoft Zero Trust Workshop align with NIST?​

Where does the Workshop tool store its data?​

What permissions do I need for the Microsoft Zero Trust Assessment?​

Is this an official Microsoft product?​

How do I get support?​