https://sautera.com/blog/ Perspectives on infrastructure trust by Joe Augustine — device trust, compliance evidence, and the ITA / ITCM framework. en Tue, 23 Jun 2026 09:00:00 GMT https://sautera.com/blog/unknown-is-an-answer/ https://sautera.com/blog/unknown-is-an-answer/ Tue, 23 Jun 2026 09:00:00 GMT Field Notes A trust model that always returns a confident number is easy to build and impossible to trust. The honest move is to say when you can't see enough yet. https://sautera.com/blog/anatomy-of-a-trust-decision/ https://sautera.com/blog/anatomy-of-a-trust-decision/ Mon, 22 Jun 2026 09:00:00 GMT Infrastructure Trust A worked example of how identity trust and infrastructure trust combine into one verdict — and how a clean-looking access request gets caught, fixed, and proven. https://sautera.com/blog/what-the-trust-score-measures/ https://sautera.com/blog/what-the-trust-score-measures/ Sat, 20 Jun 2026 09:00:00 GMT Field Notes A single number per device is only useful if you can see what's underneath it. A field note on how infrastructure trust is scored — and why it will tell you when it doesn't know. https://sautera.com/blog/right-at-design-time-wrong-by-tuesday/ https://sautera.com/blog/right-at-design-time-wrong-by-tuesday/ Fri, 19 Jun 2026 09:00:00 GMT Infrastructure Trust Most infrastructure is trusted once, at design time, and never re-examined. The decision doesn't get revoked when the facts change — it just quietly stops being true. https://sautera.com/blog/zero-trust-tells-you-who-not-whether/ https://sautera.com/blog/zero-trust-tells-you-who-not-whether/ Thu, 18 Jun 2026 09:00:00 GMT Zero Trust Zero Trust verifies the identity asking for access. It says nothing about whether the infrastructure on the other side is fit to be trusted. That gap is where SAUTERA lives. https://sautera.com/blog/continuous-observed-enforced/ https://sautera.com/blog/continuous-observed-enforced/ Mon, 15 Jun 2026 09:00:00 GMT Infrastructure Trust Most security tooling fails on one of three counts — it checks too rarely, it assumes instead of observes, or it finds problems no one acts on. SAUTERA's doctrine fixes all three. https://sautera.com/blog/compliance-evidence-not-a-fire-drill/ https://sautera.com/blog/compliance-evidence-not-a-fire-drill/ Thu, 11 Jun 2026 09:00:00 GMT Compliance If you reconstruct a quarter of history by hand every time an auditor asks, you don't have a compliance program — you have a recurring emergency. Evidence should be a by-product, not a project.