Most organizations treat information security like building a castle: strong outer walls protect the perimeter, but once inside, there is nothing to stop anyone from accessing anything. In the world of cloud-native applications, the perimeter is often too porous to build these outer walls. Zero trust security is about deconstructing the “castle” model and building an “apartment building” instead, which still has an outer wall but also has many individual apartments with their own strong locks. Daniel works on SPIFFE, a Cloud Native Computing Foundation project to build tools and best practices around zero trust security for the cloud, and deploys these tools at companies around the world.