ON2IT Zero Trust

ON2IT Zero Trust is a managed cybersecurity service built around the Zero Trust security strategy, centered on the principle of "never trust, always verify." The service follows a five-step implementation methodology developed by Zero Trust founder John Kindervag and ON2IT's CTO Lieuwe-Jan Koning. The offering includes three core components: - AUXO™: A Zero Trust platform with EventFlow™ and Policy Validators for threat prevention - mSOC™: A 24/7 managed SOC service with detection and response capabilities operated from two fully functional Security Operations Centers - Zero Trust-driven MDR: Managed Detection and Response underpinned by Zero Trust principles The five-step Zero Trust implementation process involves: (1) defining protect surfaces using the DAAS model (Data, Applications, Assets, Services); (2) mapping transaction flows; (3) building a tailored Zero Trust architecture; (4) creating Layer 7 Zero Trust policy using the Kipling Method; and (5) monitoring and maintaining controls using telemetry, behavioral analytics, machine learning, and AI. ON2IT also offers a Zero Trust Readiness Assessment, a six-day guided evaluation that produces a strategic advisory report, gap-maturity diagrams, defined protect surfaces visible in the AUXO™ platform, improvement advice, and a customized Zero Trust roadmap. The service is designed around four core principles: defining business outcomes, designing security from the inside out, determining access on a need-to-know basis, and inspecting and logging all traffic through Layer 7.