About this course

Modern enterprises cannot rely on network perimeters to enforce security. The BeyondCorp model and subsequent industry experience have proven that assuming breach is the only defensible starting position. This course teaches you to design, build, and operate a zero-trust estate from first principles, covering identity-aware proxies, device posture, micro-segmentation, and policy engines that enforce least privilege at runtime.

What you will learn

  • Why perimeter-based security fails and how the BeyondCorp model addresses the gap
  • mTLS, OIDC, and certificate-based device authentication in practice
  • Kubernetes NetworkPolicy and service mesh micro-segmentation
  • Open Policy Agent and Cedar for fine-grained, attribute-based access control
  • Configuring identity-aware proxies: Pomerium and Google IAP end to end
  • Audit logging, anomaly detection, and continuous verification
  • Migrating a legacy VPN estate to zero-trust across six phased steps
  • Integrating zero-trust controls into existing CI/CD pipelines

Your instructor

Ayodele Ajayi

Principal Engineer

Principal Engineer based in Kent, UK, with extensive experience across cloud-native security, platform engineering, and distributed systems. Ayodele has led engineering teams at scale and writes about what he learns — with a bias towards things that actually work in production.