Unknown is an answer
A trust model that always returns a confident number is easy to build and impossible to trust. The honest move is to say when you can't see enough yet.
Perspectives
Writing on device trust, Zero Trust, compliance evidence, and the ITA / ITCM framework — by Joe Augustine, originator of the standard SAUTERA is built on. This is where the thinking lives — in place of social.
A worked example of how identity trust and infrastructure trust combine into one verdict — and how a clean-looking access request gets caught, fixed, and proven.
A single number per device is only useful if you can see what's underneath it. A field note on how infrastructure trust is scored — and why it will tell you when it doesn't know.
Most infrastructure is trusted once, at design time, and never re-examined. The decision doesn't get revoked when the facts change — it just quietly stops being true.
Zero Trust verifies the identity asking for access. It says nothing about whether the infrastructure on the other side is fit to be trusted. That gap is where SAUTERA lives.
Most security tooling fails on one of three counts — it checks too rarely, it assumes instead of observes, or it finds problems no one acts on. SAUTERA's doctrine fixes all three.
If you reconstruct a quarter of history by hand every time an auditor asks, you don't have a compliance program — you have a recurring emergency. Evidence should be a by-product, not a project.