Mr. Nanda gopal Seshagiri

In Zero Trust We Trust: Rethinking Trust in Modern Systems

Abstract:

Zero Trust is everywhere — in vendor slides, compliance checklists, and executive roadmaps. But what does it really mean to “trust nothing”? Is it even possible? In practice, we still trust plenty: identity providers, cloud infrastructure, open-source libraries, orchestration tools — and most critically, we trust them to behave correctly on our behalf.

This talk deconstructs the illusion of Zero Trust as an absolute and reframes it as a mindset of explicit, accountable, and decaying trust. Drawing from real-world experience building security architecture at scale, we’ll explore how to build Zero Trust into the application layer, rethink how machines and services authenticate, and critically assess the sprawling, often invisible, transitive trust we inherit from cloud providers like AWS and Okta.

We’ll also examine the limitations of human reasoning in understanding modern trust graphs — and why automation, instrumentation, and even AI will be necessary to answer a deceptively simple question:
“Do I trust this service? If so, how—and should I?”