1. 緣起
2. 國際零信任架構推動概況
3. 政府零信任架構規劃
4. 零信任架構符合性驗證
5. 政府機關導入零信任架構經驗分享
6. 結語

Currently, most network defense architectures primarily focus on detecting north-south network packet behavior. However, detecting east-west lateral network flow has always been a headache for IT professionals. This allows hackers to exploit this weakness, making it easy for them to infiltrate and spread within internal networks and locate critical targets without being easily detected. This session will share insights on leveraging network behavior analysis and monitoring from a blue team perspective to quickly identify hacker attack traces and problematic computers or devices.

In a zero trust architecture, despite mature practices in identity and device authentication, the methods for trust inference at Policy Decision Points (PDP) remain unclear. To address this, we propose a Trust Inference Maturity Model, providing enterprises with a flexible and effective strategy for trust inference. To rapidly adapt to evolving cyber threats, we integrate large language model technology to quickly generate and adjust risk rules, responding to the rapidly changing cyber threats and enhancing the adaptability and interpretability of the overall security architecture.

Discuss the Zero Trust architecture - the main principles, the main benefits of the Zero Trust principle, the three stages of Zero Trust, the shortcomings, challenges, misunderstandings and possible future of Zero Trust？ A preliminary exploration of the risk assessment and insurance assessment of information security and Zero Trust. the difference between information security and digital security will be discussed？

Sophisticated ransomware attacks require a holistic approach to mitigate the impact of a breach. Veritas 360 Defense unites the traditionally separate disciplines of data protection, data security, and data governance to ensure your data is safe, recovered rapidly, and in compliance.

Given the continually evolving threat landscape, disparate teams need to collaborate to combat attacks that can impact operations, revenue, and brand. Functional silos use different tools— often connected with custom code—to detect and mitigate attacks, slowing recovery. Such doit-yourself approaches can introduce vulnerabilities for threat actors to exploit.

Veritas 360 Defense brings together core capabilities from the Veritas portfolio, with pre-integrated solutions from our ecosystem of

cybersecurity partners to:

• Harden your security posture
• Reduce the impact of single- and double-extortion ransomware attacks
• Ensure recovery with the speed and confidence necessary to boost resiliency

Zero Trust Security prioritizes ongoing verification before granting access. However, its implementation encounters obstacles such as legacy technology, budget limitations, integration complexities, and a lack of awareness. Explore strategies to surmount legacy tech, manage budgets, address integrations, and empower your team with Zero Trust principles.

Businesses face ZTA hurdles due to external service reliance. Gartner's 2026 forecast highlights asset tracking challenges, leading to data aggregation from sources like CMDB, CISA's KEV, NIST NVD. Stringent management of these sources is crucial for resilient security in evolving threats.

In this talk, we will discuss the risk of source pollution increases. If any source is susceptible to manipulation, a successful modification will perhaps lead to information confusion, unwanted downloads, or even catastrophic security events such as DoS attack (faked GeoIP) and arbitrary code execution.