DoD Zero Trust Strategy for the applications and workloads pillar

The DoD Zero Trust Strategy and Roadmap outlines a path for Department of Defense components and Defense Industrial Base (DIB) partners to adopt a new cybersecurity framework based on Zero Trust principles. Zero Trust eliminates traditional perimeters and trust assumptions, enabling a more efficient architecture that enhances security, user experiences, and mission performance.

This guide has recommendations for the 152 Zero Trust activities in the DoD Zero Trust Capability Execution Roadmap. The sections correspond with the seven pillars of the DoD Zero Trust model.

3 Applications and workloads

This section has Microsoft guidance and recommendations for DoD Zero Trust activities in the applications and workloads pillar. To learn more, see Secure applications with Zero Trust.

Note

Recommendations in this section align with the draft DoD Enterprise DevSecOps Reference Design.

3.1 Application inventory

Microsoft Entra ID is an identity provider (IdP) for applications and cloud platforms, not just Microsoft 365, and Azure. Microsoft Entra ID includes web portals and RESTful APIs to retrieve lists of integrated applications. Microsoft Defender for Cloud Apps, a component of Microsoft Defender XDR, has features to discover, inventory, and block unsanctioned apps.

DoD Activity | Description and Outcome | Microsoft guidance and recommendations
Target 3.1.1 Application/Code Identification
DoD Organizations create an inventory of approved applications and code (e.g., source code, libraries, etc.). Each organization will track the supportability (i.e., active, legacy, etc.) and hosted location (i.e., cloud, on-premises, hybrid, etc.) at least in the inventory.

Outcome:
- Component has identified applications and classified them as legacy, virtualized on-premises, or cloud hosted
Microsoft Entra ID
Use the Microsoft Entra admin center to download a list of Microsoft Entra registered applications. Select Download in the top ribbon.
- Application resource type

If your organization uses Active Directory Federation Services (AD FS), deploy Microsoft Entra Connect Health. Use the application activity report to discover AD FS applications.
- Monitor AD FS with Connect Health
- Application activity report

Microsoft Defender Vulnerability Management
Use software inventory in Defender Vulnerability Management to view software in your organization.
- Software inventory

Microsoft Defender for Cloud Apps
Set up Cloud Discovery in Defender for Cloud Apps to get a snapshot of applications accessed by users.
- Set up Cloud Discovery
- Investigate apps

Microsoft Intune discovered apps
Intune discovered apps are detected by Intune enrolled devices in the tenant. It’s a software inventory of the tenant. On corporate devices, apps or managed apps aren’t collected for this report.
- Discovered apps

Azure DevOps
Use this service for secure package management. Developers share code and manage packages in one place.
- Azure Artifacts
- Azure GitHub repos

3.2 Secure software development and integration

GitHub features like GitHub Advanced Security (GHAS) and GitHub Actions help you establish Zero Trust software development and deployment practices. GitHub Enterprise Cloud integrates with Microsoft Entra ID to manage entitlement with Microsoft Entra ID Governance and secure access with Conditional Access policies.

Developers can use Microsoft Authentication Libraries (MSAL) to integrate applications with Microsoft Entra ID. For more information, see Authenticate users for Zero Trust.

DoD Activity | Description and Outcome | Microsoft guidance and recommendations
Target 3.2.1 Build DevSecOps Software Factory Pt1
The DoD enterprise creates the foundational standards for modern DevSecOps processes and CI/CD pipelines. The concepts are applied in a standardized technology stack across DoD organizations able to meet future Application Security requirements. An enterprise-wide Vulnerability Management program is integrated with the CI/CD pipelines following the Vulnerability Management Program activities.

Outcomes:
- Developed Data/Service Standards for DevSecOps
- CI/CD Pipeline is fully functional and tested successfully
- Vulnerability Management program is officially in place and operating
GitHub Actions
GitHub Actions uses continuous integration and continuous delivery (CI/CD) to automate deployment pipelines.
- GitHub Actions

GitHub Advanced Security
Use GitHub Advanced Security for GitHub and Azure DevOps to enhance the security of your code and development processes.
- Advanced Security
- Advanced Security for Azure DevOps

Microsoft Entra SSO and provisioning
Configure single sign-on (SSO) for Git tools using Microsoft Entra ID.
- SSO integration with GitHub Enterprise Cloud organization
- SSO integration with GitHub Enterprise Server
- Connect an organization to Microsoft Entra ID

To learn more about DevSecOps for Azure and other clouds, see the DoD Chief Information Officer (CIO) Library.

Target 3.2.2 Build DevSecOps Software Factory Pt2
DoD Organizations will use their approved CI/CD pipelines to develop most new applications. Any exceptions will follow a standardized approval process to be allowed to develop in a legacy fashion. DevSecOps processes are also used to develop all new applications and update existing applications. Continual validation functions are integrated into the CI/CD pipelines and DevSecOps processes and integrated with existing applications.

Outcomes:
- Development of applications is migrated to CI/CD pipeline
- Continual validation process/technology is implemented and in use
- Development of applications is migrated to DevSecOps process and technology
GitHub Advanced Security
Use GitHub Advanced Security to scan for code dependencies and vulnerabilities. Configure periodic builds to assess code quality.
- Advanced Security
- CodeQL code scanning
- Secure supply chain

Bicep in Azure
Provision cloud infrastructure using infrastructure-as-code (IaC) with Azure Resource Manager (ARM) and Bicep templates.
- Bicep

Microsoft Defender for Cloud
Enable Defender for Cloud workload protections for subscriptions with application workloads.
- Protect cloud workloads

Microsoft Defender for DevOps
Use Defender for DevOps to monitor security and alerts of pipelines in Azure DevOps (ADO) and GitHub.
- Defender for DevOps
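
The scanning and periodic-build guidance above, as an added example that is not part of the original page or of any Microsoft or GitHub documentation: a GitHub Actions workflow that runs CodeQL code scanning on pushes, pull requests and a weekly schedule, and blocks pull requests that introduce dependencies with known high-severity vulnerabilities. The branch name, schedule and language matrix are assumptions to adjust for the repository.

```yaml
# Added example (not from the page or from Microsoft/GitHub): CodeQL scanning plus
# dependency review in one workflow. Branch, cron schedule and languages are assumed.
name: code-scanning

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]
  schedule:
    # Weekly periodic build so new query results surface even when nothing is pushed
    - cron: '0 6 * * 1'

permissions:
  contents: read
  security-events: write   # needed to upload SARIF results to code scanning
  pull-requests: write     # lets dependency review post its summary on the PR

jobs:
  codeql:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        language: [ 'javascript-typescript', 'python' ]   # assumed: match the repo's languages
    steps:
      - uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          queries: security-extended   # broader security query suite than the default

      - name: Autobuild
        uses: github/codeql-action/autobuild@v3

      - name: Analyze
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{ matrix.language }}"

  dependency-review:
    # Only meaningful on pull requests: compares the base and head dependency graphs
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/dependency-review-action@v4
        with:
          fail-on-severity: high      # fail the check for high or critical advisories
          comment-summary-in-pr: always
```

Keeping `fail-fast: false` lets the remaining language analyses finish when one fails, so a single broken autobuild does not hide findings in the other languages. Branch protection rules that require the `codeql` and `dependency-review` checks turn the workflow into an enforced gate rather than advisory output.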

Target 3.2.3 Automate Application Security & Code Remediation Pt1
A standardized approach to application security including code remediation is implemented across the DoD enterprise. Part one (1) of this activity includes the integration of a Secure API gateway with applications utilizing API or similar calls. Code reviews are conducted in a methodical approach and standardized protections for containers and their infrastructure are in place. Additionally, any serverless functions where the third-party manages the infrastructure such as Platform as a Service utilize adequate serverless security monitoring and response functions. Code Reviews, Container, and Serverless security functions are integrated into the CI/CD and/or DevSecOps process as appropriate.

Outcomes:
- Secure API Gateway is operational, and majority of API calls are passing through gateway
- Application Security functions (e.g., code review, container, and serverless security) are implemented as part of CI/CD and DevSecOps
Azure Application Gateway
Put publicly accessible web applications and APIs behind Azure Application Gateway with Web Application Firewall.
- Web Application Firewall

Microsoft Entra ID applications
Microsoft Entra ID is an authorization gateway for web application and API access. Expose APIs for registered applications using Microsoft Entra. Use built-in authentication and authorization (Easy Auth) in Azure App Service and Azure Functions. For Microsoft Entra ID-unaware APIs, use OAuth Authorization in Azure API management.
- Configure an app to expose Web API
- Authenticate and authorize in Azure App Service and Azure Functions
- Authenticate and authorize to APIs

GitHub Advanced Security
Use GitHub Advanced Security for GitHub and Azure DevOps.

See Microsoft guidance in 3.2.1.

Microsoft Defender for Cloud
Enable Defender for Cloud workload protections for Azure subscriptions with API workloads.

See Microsoft guidance in 3.2.2.

Advanced 3.2.4 Automate Application Security & Code Remediation Pt2
DoD Organizations modernize approaches to delivering internally developed and managed services following best practice approaches such as Microservices. These approaches will enable more resilient and secure architectures by allowing for quicker changes to code in each microservice as security issues are discovered. Further advancement of security remediation activities continues across the DoD Enterprise with the inclusion of runtime security functions for containers as appropriate, automated vulnerable library updates, and automated CI/CD approvals during the release process.

Outcomes:
- Secure API Gateway is operational and majority of API calls are passing through gateway
- Services are provided following a Service Oriented Architecture (SOA)
- Security Remediation activities (e.g., runtime security, library updates, release approvals) are fully automated

Complete activities 3.2.2 and 3.2.3.

3.3 Software risk management

GitHub Actions help automate, customize, and execute software development workflows for DevSecOps. With GitHub Actions, generate a software bill of materials (SBOM), analyze code, and scan for supply chain and dependency vulnerabilities. To learn more about GitHub Actions, see GitHub Actions.

DoD Activity | Description and Outcome | Microsoft guidance and recommendations
Target 3.3.1 Approved Binaries/Code
The DoD enterprise uses best practice approaches to manage approved binaries and code in a methodical approach. These approaches will include supplier sourcing risk management, approved repository usage, bill of materials supply chain risk management, and industry standard vulnerability management.

Outcomes:
- Supplier sourcing risk evaluated and identified for approved source
- Repository and update channel established for use by development teams
- Bill of Materials is created for applications that identifies source, supportability, and risk posture
- Industry standard (DIB) and approved vulnerability databases are pulled in to be used in DevSecOps
GitHub Actions
Standardize DevSecOps processes to generate a software bill of materials (SBOM) with a continuous integration and continuous delivery (CI/CD) pipeline.
- Generate software bills of materials

Use GitHub Dependabot and CodeQL to automate security checks and scan for dependency vulnerabilities.
- CodeQL code scanning
- Secure supply chain

Windows Defender Application Control
Use Windows Defender Application Control to prevent untrusted code from executing on managed endpoints.
- Application Control and AppLocker
- Platform code integrity
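
The SBOM guidance above, as an added example that is not part of the original page or of GitHub's documentation: a workflow that exports the repository's SPDX SBOM from the GitHub dependency graph API after each push to the main branch, checks that the document is well formed, writes the package list to the job summary, and keeps the file as a build artifact. The branch name, artifact name and retention period are assumptions.

```yaml
# Added example (not from the page or from Microsoft/GitHub): export the dependency
# graph SBOM as a build record. Branch, artifact name and retention are assumed.
name: sbom

on:
  push:
    branches: [ main ]
  workflow_dispatch:

permissions:
  contents: read   # sufficient to read the dependency graph SBOM endpoint

jobs:
  export-sbom:
    runs-on: ubuntu-latest
    steps:
      - name: Export SPDX SBOM from the dependency graph
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          # The endpoint returns {"sbom": {...}}; keep only the SPDX document itself
          gh api "/repos/${{ github.repository }}/dependency-graph/sbom" \
            --jq '.sbom' > sbom.spdx.json
          # Fail the job if the export is empty or missing the SPDX header
          jq -e '.spdxVersion and (.packages | length > 0)' sbom.spdx.json

      - name: Summarize packages in the job summary
        run: |
          {
            echo "## SBOM for ${{ github.sha }}"
            echo '| Package | Version |'
            echo '|---|---|'
            jq -r '.packages[] | "| \(.name) | \(.versionInfo // "n/a") |"' sbom.spdx.json
          } >> "$GITHUB_STEP_SUMMARY"

      - name: Keep the SBOM with the build
        uses: actions/upload-artifact@v4
        with:
          name: sbom-${{ github.sha }}
          path: sbom.spdx.json
          retention-days: 90   # assumed; align with the program's record-keeping period
```

The dependency graph must be enabled on the repository for the endpoint to return packages, and the exported document describes the commit that triggered the run, so naming the artifact after `github.sha` ties each SBOM to a specific build. A `.github/dependabot.yml` file alongside this workflow provides the automated update channel that the outcomes in this activity call for.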

Target 3.3.2 Vulnerability Management Program Pt1
The DoD enterprise works with Organizations to establish and manage a Vulnerability Management program. The program includes a policy and standards agreed upon by all Organizations. The developed program includes at a minimum the track and management of public vulnerabilities based on DoD applications/services. Organizations establish a vulnerability management team with key stakeholders where vulnerabilities are discussed and managed following the enterprise policy and standards.

Outcomes:
- Vulnerability Management Team is in place w/ appropriate stakeholder membership
- Vulnerability Management policy and process is in place and agreed to w/ stakeholders
- Public sources of vulnerabilities are being utilized for tracking

Threat and Vulnerability Management
TVM capabilities enable asset visibility and intelligent assessments. TVM has built-in remediation tools for endpoints and servers. Use TVM with a vulnerability management program.
- Microsoft Defender TVM

Microsoft cloud security benchmark
Review how Microsoft online services conduct vulnerability management.
- TVM overview
- Posture and vulnerability management
Target 3.3.3 Vulnerability Management Program Pt2
Processes are established at the DoD Enterprise level for managing the disclosure of vulnerabilities in DoD maintained/operated services both publicly and privately accessible. DoD Organizations expand the vulnerability management program to track and manage closed vulnerability repositories such as DIB, CERT, and others.

Outcomes:
- Controlled (e.g., DIB, CERT) sources of vulnerabilities are being utilized for tracking
- Vulnerability management program has a process for accepting external/public disclosures for managed services
Threat and Vulnerability Management
Use the weaknesses page in Microsoft Defender TVM to identify and prioritize vulnerabilities discovered on your organization’s devices and servers.
- Vulnerabilities in the organization

Track remediation activities using the TVM vulnerable devices report.
- Vulnerable device report

Target 3.3.4 Continual Validation
DoD Organizations will implement a continual validation approach for application development where parallel deployment is conducted and integrated with an approved environment level (e.g., user acceptance testing, Production). Applications unable to integrate continual validation into their CI/CD process are identified and exceptions are provided as needed using a methodical approach.

Outcomes:
- Updated Applications are deployed in a live and/or production environment
- Applications that were marked for retirement and transition are decommissioned
- Continual validation tools are implemented and applied to code in the CI/CD pipeline
- Code requiring continuous validation is identified and validation criteria are established

Azure Chaos Studio
Use Azure Chaos Studio to validate workloads.
- Continuous validation

GitHub Advanced Security
Use GitHub features and actions for vulnerability management in the DoD Enterprise DevSecOps Reference Design.

See Microsoft guidance in 3.2.1.

3.4 Resource authorization and integration

Conditional Access is the Zero Trust policy engine in Microsoft Entra ID. Connect your application workloads with Microsoft Entra ID. Use Microsoft Entra ID Governance to manage entitlements and secure sign-ins with Conditional Access policies. The policies use security attributes, like device health, session details, and risk, to make adaptive access decisions. Microsoft Entra ID, Azure Resource Manager, and CI/CD pipelines authorize resource deployment in Azure.

DoD Activity | Description and Outcome | Microsoft guidance and recommendations
Target 3.4.1 Resource Authorization Pt1
The DoD enterprise standardizes on resource authorization approaches (e.g., Software Defined Perimeter) with the organizations. At a minimum, the resource authorization gateways will be integrated with identities and devices. Organizations deploy approved resource authorization gateways and enable for external facing applications/services. Other applications for migration and applications unable to be migrated are identified for exception or decommission.

Outcomes:
- Resource Authorization Gateway is in place for external facing applications
- Resource Authorization policy integrated with identity and device
- Enterprise-wide guidance on conversion standards are communicated to stakeholders
Microsoft Entra ID
Microsoft Entra is an authorization gateway for application resources. Integrate modern and legacy applications for SSO with Microsoft Entra.

See Microsoft guidance 1.2.4 in User.

Microsoft Entra ID Governance
Use Microsoft Entra ID Governance app roles for access to applications. Assign users to app roles using static membership, dynamic Microsoft Entra security groups, or entitlement management access packages.
- Add app roles to an app and receive them in a token
- Role-based access control

Conditional Access
Use Conditional Access policies to dynamically authorize, control, or block application access.

See Microsoft guidance 1.8.3 in User and 2.1.4 in Device.

Azure Application Gateway
Enable publicly accessible web applications and APIs with Application Gateway and Web Application Firewall.

See Microsoft guidance 3.2.3.

Target 3.4.2 Resource Authorization Pt2
Resource authorization gateways are used for all possible applications/services. Applications unable to utilize gateways are either decommissioned or excepted using a risk based methodical approach. Authorizations are further integrated with the CI/CD pipeline for automated decision making.

Outcomes:
- Resource Authorization gateway is utilized for all applications
- Resource Authorization is integrated with DevSecOps and CI/CD for automated functions
Microsoft Entra Workload ID
Use workload identity federation to configure a user-assigned managed identity or an app registration to trust tokens from an external identity provider (IdP). Use the federated workload identity for GitHub Actions workflows.
- Workload identity federation
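
The federated workload identity described above, as an added example that is not part of the original page or of Microsoft's documentation: a GitHub Actions deployment job that obtains an Azure access token through OpenID Connect rather than a stored client secret, previews the change with a what-if run, and then deploys a Bicep template. The environment name, resource group and template path are assumptions; the client, tenant and subscription IDs are read from repository secrets.

```yaml
# Added example (not from the page or from Microsoft): deploy with a federated
# workload identity (OIDC). Environment, resource group and template path are assumed.
name: deploy-infra

on:
  push:
    branches: [ main ]
    paths: [ 'infra/**' ]

permissions:
  id-token: write   # lets the job request an OIDC token from GitHub
  contents: read

jobs:
  deploy:
    runs-on: ubuntu-latest
    environment: production   # assumed; environment protection rules gate the deployment
    steps:
      - uses: actions/checkout@v4

      # Exchanges the GitHub OIDC token for an Entra access token. The federated
      # credential on the app registration or user-assigned managed identity must
      # match this job's subject claim, e.g. repo:ORG/REPO:environment:production,
      # so no other repository or environment can use the identity.
      - name: Azure login (OIDC, no client secret)
        uses: azure/login@v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

      - name: Preview the change before deploying
        run: |
          az deployment group what-if \
            --resource-group rg-app-prod \
            --template-file infra/main.bicep

      - name: Deploy the Bicep template
        run: |
          az deployment group create \
            --name "gh-${{ github.run_id }}" \
            --resource-group rg-app-prod \
            --template-file infra/main.bicep
```

Because the identity is scoped by the federated credential's subject claim and by the Azure role assignment on the resource group, the authorization decision is tied to the pipeline, branch and environment rather than to a long-lived secret, which is what integrating resource authorization with CI/CD in this activity is after. Restricting the identity's role assignment to the single resource group keeps the blast radius of a compromised workflow small.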

Azure API Management
Use Azure API Management to manage, authorize, and expose services hosted on and outside Azure as APIs.
- Azure API Management

Target 3.4.3 SDC Resource Authorization Pt1
The DoD enterprise provides a standardized approach for code-based compute management (i.e., Software Defined Compute) following industry best practices. Using risk-based approaches baselines are created using the approved set of code libraries and packages. DoD Organizations work with the approved code/binaries activities to ensure that applications are identified which can and can't support the approach. Applications which can support a modern software-based configuration and management approaches are identified and transitioning begins. Applications which cannot follow software-based configuration and management approaches are identified and allowed through exception using a methodical approach.

Outcomes:
- Applications unable to be updated to use approved binaries/code are marked for retirement and transition plans are created
- Identified applications without approved binaries and code are updated to use approved binaries/code
- Enterprise-wide Guidance on conversion standards are communicated to stakeholders
Secure development
Design, develop, and deploy Azure applications following the security development lifecycle and published best practices.
- Secure development
- Infrastructure as code
- Azure Policy as code workflows

Microsoft Entra ID
Use the Microsoft identity platform for application authentication and authorization.
- Migrate apps and authentication

Azure Migrate
Migrate to modern app platforms like Azure Kubernetes Service (AKS) and App Service containers.
- Migrate workloads to modern app platforms
- Assess ASP.NET apps for migration to AKS
- Assess ASP.NET apps for migration to Azure App Service

Target 3.4.4 SDC Resource Authorization Pt2
Applications which support software-based configuration and management have been transitioned to a production/live environment and are in normal operations. Where possible applications which cannot support software-based configuration and management are decommissioned.

Outcomes:
- Updated Applications are deployed in a live and/or production environment
- Applications that were marked for retirement and transition are decommissioned
Azure Migrate
Containerize and migrate ASP.NET apps and Java web apps using the Azure Migrate: App Containerization tool. Decommission applications that can't be modernized.
- ASP.NET app containerization and migration to AKS
- ASP.NET app containerization and migration to Azure App Service
- Java web app containerization and migration to AKS
- Java web app containerization and migration to Azure App Service

Advanced 3.4.5 Enrich Attributes for Resource Authorization Pt1
Initial attributes from sources such as User and Entity Activity Monitoring, Micro-segmentation services, DLP, and data rights management (DRM) are integrated into the Resource Authorization technology stack and policy. Any other attributes for later integration are identified and planned. Attributes are used to create basic risk posture of users, nonperson entities (NPEs), and devices allowing for authorization decisions.

Outcomes:
- Most API calls are passing through the Secure API Gateway
- Resource Authorization receives data from Analytics Engine
- Authorization policies incorporate identified attributes in making authorization decisions
- Attributes to be used for initial enrichment are identified
Microsoft Entra applications
Use Microsoft Entra ID to authorize modern applications and APIs. Deploy Microsoft Entra application proxy and Azure Arc-enabled servers to extend Microsoft Entra ID to legacy authentication protocols.

See Microsoft guidance in 3.1.1 and in 3.2.3.

Conditional Access
Microsoft Entra is a secure gateway for resource authorization. Conditional Access is the authorization engine. Configure policies for detailed authorization using user, application, and environment conditions, including device compliance status.
- Conditional Access
- Conditional Access design
- Require compliant devices

Dynamic security groups
Create dynamic security groups based on user attributes. Use dynamic groups to scope Conditional Access policies for static attribute authorization, based on user attributes.
- Dynamic membership for groups
- Users, groups, and workload identities

Microsoft Purview sensitive information types
Define sensitive information types with Exact Data Match (EDM). Use sensitive info types with Microsoft Purview Information Protection and Purview data loss prevention (DLP) policies.
- Data match based on sensitive info types
- Discover and protect sensitive info

Microsoft Entra ID Governance
Use Microsoft Entra ID Governance for access to applications with app roles. Assign users to app roles with static membership, dynamic security groups, or entitlement management access packages.
- Add app roles and receive them in a token
- Role-based access control

Advanced 3.4.6 Enrich Attributes for Resource Authorization Pt2
Extended identified attributes are integrated with the resource authorization technology and policy. Confidence scoring is introduced across the attributes to create a more advanced method of authorization decision making in an automated fashion.

Outcomes:
- Authorization policies incorporate confidence levels in making authorization decisions
- Confidence levels for attributes are defined
Microsoft Entra ID Protection
Use sign-in risk and user signals from Microsoft Entra ID Protection in a Conditional Access policy set. Configure authentication context including risk to establish confidence levels, based on environmental details and risk level.
- Microsoft Entra ID risks
- Policy template: sign-in risk MFA
- Authentication context example

See Microsoft guidance 1.3.3 in User.

Custom security attributes
Manage and assign custom security attributes for Microsoft Entra ID users. Use role assignment conditions for dynamic attribute-based access control (ABAC).
- Custom security attributes

Advanced 3.4.7 REST API Micro-Segments
Using the DoD Enterprise approved API gateway(s), application calls are micro-segmented only allowing authenticated and authorized access to specific destinations (e.g., microservices). When possible, API Micro-Segmentation consoles are integrated and aware of other Micro-Segmentation consoles such as Software Defined Perimeter Controllers and/or Software Defined Networking Consoles.

Outcome:
- Approved enterprise APIs are Micro-Segmented appropriately
Azure networking and connectivity
Isolate, filter, and control network traffic across ingress and egress flows. Apply defense-in-depth principles using localized network controls at available network boundaries. Follow the Azure Well-Architected Framework.
- Networking and connectivity recommendations
- Segmentation strategy recommendations

API design
Follow recommended practices to design APIs for microservices. Protect and authorize APIs with Microsoft Entra ID.
- Microservice APIs
- Protect APIs

3.5 Continuous monitoring and ongoing authorizations

Microsoft Defender for Cloud security standards continually assess in-scope Azure subscriptions, Amazon Web Services (AWS) accounts, and Google Cloud Platform (GCP) projects with Defender for Cloud enabled for compliance with regulatory standards.

DoD Activity | Description and Outcome | Microsoft guidance and recommendations
Advanced 3.5.1 Continuous Authorization to Operate (cATO) Pt1
DoD Organizations utilize automation solutions within the environment to standardize the monitoring of controls and offer the capability to identify deviations. Where appropriate monitoring and testing are integrated with DevSecOps processes.

Outcomes:
- Controls derivation is standardized and ready for automation
- Controls testing is integrated with DevSecOps processes and technology
DoD Chief Information Officer (CIO) Library
Integrate monitoring and testing into DevSecOps processes. See the DoD Enterprise DevSecOps Reference Design.
- DoD CIO Library

Microsoft Defender for Cloud
Protect Azure and non-Azure workloads with Defender for Cloud. Use regulatory compliance and Azure Policy initiatives to assess infrastructure continuously with configuration standards. Prevent configuration drift.
- Assign security standards
- Multicloud environments

Microsoft Sentinel
Automate Sentinel integration and deployment operations with GitHub and Azure DevOps.
- Sentinel and Azure DevOps integration
- Deploy custom content from a repository

Advanced 3.5.2 Continuous Authorization to Operate (cATO) Pt2
DoD Organizations fully automate control derivation, testing and monitoring processes. Deviations are automatically tested and resolved using existing cross pillar automation infrastructure. Dashboarding is used to monitor the status of authorizations and analytics are integrated with the responsible authorizing officials.

Outcomes:
- Controls testing is fully automated
- Integration with standard IR and SOC operations is automated
Microsoft Defender Threat and Vulnerability Management
Incorporate Threat and Vulnerability Management (TVM) in your vulnerability management program.

See Microsoft guidance in 3.3.2.

Azure DevOps and Microsoft Sentinel
Automate Sentinel integration and deployment operations with Azure DevOps.
- Sentinel integration with Azure DevOps

Microsoft Defender XDR and Sentinel
Integrate Microsoft Defender XDR and Defender for Cloud with Sentinel.
- Sentinel and Defender XDR for Zero Trust

Next steps

Configure Microsoft cloud services for the DoD Zero Trust Strategy: