Agent skill
zero-trust-architecture
Implement Zero Trust security model with identity verification, microsegmentation, least privilege access, and continuous monitoring. Use when building secure cloud-native applications.
Install this agent skill to your Project
npx add-skill https://github.com/aj-geddes/useful-ai-prompts/tree/main/skills/zero-trust-architecture
SKILL.md
Zero Trust Architecture
Table of Contents
- Overview
- When to Use
- Quick Start
- Reference Guides
- Best Practices
Overview
Implement comprehensive Zero Trust security architecture based on "never trust, always verify" principle with identity-centric security, microsegmentation, and continuous verification.
When to Use
- Cloud-native applications
- Microservices architecture
- Remote workforce security
- API security
- Multi-cloud deployments
- Legacy modernization
- Compliance requirements
Quick Start
Minimal working example:
// zero-trust-gateway.js
const jwt = require("jsonwebtoken");
const axios = require("axios");
class ZeroTrustGateway {
constructor() {
this.identityProvider = process.env.IDENTITY_PROVIDER_URL;
this.deviceRegistry = new Map();
this.sessionContext = new Map();
}
/**
* Verify identity - Who are you?
*/
async verifyIdentity(token) {
try {
// Verify JWT token
const decoded = jwt.verify(token, process.env.JWT_PUBLIC_KEY, {
algorithms: ["RS256"],
});
// Check token hasn't been revoked
const revoked = await this.checkTokenRevocation(decoded.jti);
if (revoked) {
throw new Error("Token has been revoked");
// ... (see reference guides for full implementation)
Reference Guides
Detailed implementations in the references/ directory:
| Guide | Contents |
|---|---|
| Zero Trust Gateway | Zero Trust Gateway |
| Service Mesh - Microsegmentation | Service Mesh - Microsegmentation |
| Python Zero Trust Policy Engine | Python Zero Trust Policy Engine |
Best Practices
✅ DO
- Verify every request
- Implement MFA everywhere
- Use microsegmentation
- Monitor continuously
- Encrypt all communications
- Implement least privilege
- Log all access
- Regular audits
❌ DON'T
- Trust network location
- Use implicit trust
- Skip device verification
- Allow lateral movement
- Use static credentials
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
websocket-implementation
Implement real-time bidirectional communication with WebSockets including connection management, message routing, and scaling. Use when building real-time features, chat systems, live notifications, or collaborative applications.
refactor-legacy-code
Modernize and improve legacy codebases while maintaining functionality. Use when you need to refactor old code, reduce technical debt, modernize deprecated patterns, or improve code maintainability without breaking existing behavior.
Sentiment Analysis
Classify text sentiment using NLP techniques, lexicon-based analysis, and machine learning for opinion mining, brand monitoring, and customer feedback analysis
flask-api-development
Develop lightweight Flask APIs with routing, blueprints, database integration, authentication, and request/response handling. Use when building RESTful APIs, microservices, or lightweight web services with Flask.
ML Model Explanation
Interpret machine learning models using SHAP, LIME, feature importance, partial dependence, and attention visualization for explainability
Statistical Hypothesis Testing
Conduct statistical tests including t-tests, chi-square, ANOVA, and p-value analysis for statistical significance, hypothesis validation, and A/B testing
Didn't find tool you were looking for?