Least-Privilege

Access Control is the security discipline that defines and enforces who can access systems, data, and resources. This SECMONS glossary entry explains access control models, common failures, and how broken enforcement leads to major security incidents.

Zero Trust is a security model that assumes no user, device, or system is inherently trusted, even inside the network perimeter. This SECMONS glossary entry explains Zero Trust principles, architectural components, and how it reduces attack surface and lateral movement risk.