menu_book Concept

Zero Trust

Also known as: Zero trust architecture, ZTA

Zero trust is a security model that assumes no user or device is inherently trusted and verifies every access request continuously. It directly counters infostealer risk by limiting what a single set of stolen credentials can reach.

What is zero trust?

Zero trust replaces the old "trusted internal network" model with continuous verification: every request is authenticated, authorised, and validated against context (identity, device health, behaviour) regardless of where it originates.

Zero trust vs infostealers

Because infostealers hand attackers legitimate credentials, perimeter-based trust fails against them. Zero trust limits the blast radius — strong per-request verification, least-privilege access, and continuous session validation make stolen credentials far less useful.

How VantaPrism Tracks Zero Trust

VantaPrism complements zero trust by feeding it real-time exposure signals: knowing a credential is compromised lets a zero-trust system step up verification or revoke access immediately.

Check Your Exposure arrow_forward

Frequently Asked Questions

Does zero trust stop infostealers?

expand_more

It cannot prevent infections, but it limits their impact by continuously verifying every request, so a single stolen credential cannot freely access everything.

Related Terms

MFA Bypass arrow_outward

MFA bypass is any technique that defeats multi-factor authentication so an attacker can access an account despite the…

Session Hijacking arrow_outward

Session hijacking is the takeover of an authenticated session by stealing and reusing its session token or cookie. Be…

Compromised Credentials arrow_outward

Compromised credentials are usernames and passwords that have been exposed to unauthorized parties — frequently throu…

Account Takeover (ATO) arrow_outward

Account takeover (ATO) is when an attacker gains unauthorized control of a legitimate user account, typically using s…

← All Glossary Terms Last reviewed: June 2026