IAT Domain

Identity Access & Trust

Protect without possessing

The gates. Who gets in.

ZPAZero Possession Architecture

Identity Access and Trust controls the gates. IAT missions manage who gets access to what through identity lifecycle management, multi-factor authentication, privileged access management, and zero-trust architecture implementation.

Capabilities

What IAT covers

Identity Governance

Centralized identity management, access certification, and automated provisioning/deprovisioning.

Authentication

Multi-factor authentication deployment, SSO integration, and passwordless authentication programs.

Privileged Access

PAM implementation with session recording, just-in-time access, and credential vaulting.

Zero Trust

Zero Trust architecture design and implementation across identity, device, network, and data pillars.

Missions

15 missions in IAT

Each mission has defined scope, deliverables, and completion criteria.

M-IAT-R01C-RECON

2 weeksStandard

Identity Inventory

Complete inventory of all identity sources, service accounts, and privileged access.

M-IAT-R02C-RECON

2 weeksStandard

Access Control Review

Review role assignments, permissions, and least-privilege compliance across all systems.

M-IAT-R03C-RECON

1 weekSimple

Authentication Assessment

Evaluate authentication methods, MFA coverage, and password policies.

M-IAT-B01C-BUILD

2 weeksStandard

MFA Deployment

Deploy multi-factor authentication across all critical systems and user populations.

M-IAT-B02C-BUILD

4 weeksComplex

PAM Implementation

Implement privileged access management with session recording and just-in-time access.

M-IAT-B03C-BUILD

3 weeksStandard

SSO Integration

Integrate applications with single sign-on provider for centralized authentication.

M-IAT-H01C-HARDEN

2 weeksStandard

Privilege Reduction

Implement least-privilege access model with automated privilege escalation workflows.

M-IAT-H02C-HARDEN

2 weeksStandard

Service Account Hardening

Rotate credentials, implement managed service identities, and remove unnecessary service accounts.

M-IAT-D01C-DRILL

1 weekComplex

Credential Compromise Drill

Simulate compromised credentials to test detection, containment, and reset procedures.

M-IAT-D02C-DRILL

1 weekComplex

Privilege Escalation Test

Attempt privilege escalation from standard user to administrative access.

M-IAT-C01C-COMMAND

OngoingStandard

Access Certification

Quarterly access certification reviews for all critical systems and privileged accounts.

M-IAT-C02C-COMMAND

OngoingStandard

Identity Monitoring

Continuous monitoring for anomalous authentication patterns and impossible travel events.

M-IAT-C03C-COMMAND

OngoingSimple

Credential Hygiene

Dark web credential monitoring and proactive password resets for exposed accounts.

M-IAT-C04C-COMMAND

OngoingStandard

Zero Trust Metrics

Measure and report on zero trust maturity across identity, device, and network pillars.

M-IAT-C05C-COMMAND

OngoingSimple

Access Governance Reporting

Monthly identity governance reports with orphaned accounts, excessive permissions, and MFA coverage.

Assess your Identity Access & Trust posture.

The Foundational Risk Model evaluates your IAT domain and produces specific mission recommendations.

Schedule Your FRM View Pricing