Zero Trust became a budget line item, and that’s how you know it stopped meaning anything.

The original concept was simple and correct. Stop assuming anything inside your perimeter is safe. Verify every request. Authenticate every connection. Authorize every action. Assume breach. It was a mental model born from watching network after network fall because someone trusted a flat LAN and a VPN concentrator to do the job of actual access control.

Then the vendors got hold of it.

Now Zero Trust is a product you can buy. It comes with a dashboard. It has a maturity model. Your CISO presented it to the board with a slide deck that used the word “journey” four times. You deployed an identity provider, added conditional access policies, maybe even did microsegmentation on paper.

You checked the box.

You moved on.

The problem is your Zero Trust architecture still implicitly trusts at least a dozen things that will get you burned, and nobody on your security team is talking about them because they exist outside the neat perimeter of what the vendor sold you.

Start with your identity provider itself.

Your entire Zero Trust model collapses to a single point of failure - the IdP. Okta, Entra ID, pick your flavor. Every authentication decision flows through it. Every conditional access policy lives there. Every session token originates from it. Compromise the IdP and you don’t bypass Zero Trust. You become Zero Trust. You are now the trusted entity issuing legitimate tokens, setting legitimate policies, creating legitimate sessions. LAPSUS$ demonstrated this against Okta in 2022. The response from most organisations was to keep trusting Okta and add a monitoring integration.

That’s a coping mechanism.

Your device trust model is the next fault line.

You probably check device compliance before granting access. Is the OS patched? Is the EDR agent running? Is the disk encrypted? That compliance check happens at authentication time. What happens sixty seconds later when a kernel exploit lands, the EDR agent gets blinded via a BYOVD technique, and the device is now hostile but still holding a valid session token? Your Zero Trust architecture granted access based on a point-in-time attestation and then stopped asking questions. The session lives for hours. The compromise takes seconds.

You’re trusting a snapshot in a world that moves between frames.

Then there’s the supply chain, where Zero Trust goes completely silent.

Your microsegmented, identity-verified, continuously-authenticated environment runs on software you didn’t write, signed by certificates you didn’t issue, built in CI/CD pipelines you’ve never audited, depending on packages pulled from public registries by developers who will install anything that saves them forty minutes. SolarWinds was a signed, trusted update from a verified vendor, distributed through legitimate channels, executing with the privileges your Zero Trust model explicitly granted it. Your architecture trusted the supply chain because the supply chain was never in scope.

It never is.

The implicit trust in your cloud control plane is maybe the most dangerous because it’s the most invisible. Your workloads might be microsegmented. Your service accounts might have least privilege. But the AWS IAM administrator, the Azure Global Admin, the GCP Organization Admin, these roles exist above your Zero Trust architecture, not within it. They are the gods of your environment and they operate with trust that is absolute and largely unmonitored. One compromised cloud admin credential and your entire segmentation model is a configuration change away from irrelevance.

Most organizations have between three and thirty people with this level of access.

How many of them have hardware tokens? How many of their personal devices are managed? How many of them reuse passwords?

You already know the answers and you’re uncomfortable with them.

Your secrets management tells the same story. Workload identity federation is getting better, but the reality in most environments is that service accounts still authenticate with long-lived credentials stored in environment variables, config files, vaults with overly broad access policies, or worse, hardcoded in source repos.

Your Zero Trust model says every request must be authenticated and authorized. Your implementation says here’s an API key that never expires and has admin access to the database, and it lives in a .env file that six microservices and fourteen developers can read.

Nobody wants to talk about the trust placed in the security tooling itself. Your SIEM, your SOAR, your EDR console, your vulnerability scanner.

These systems have privileged access to every endpoint, every log, every credential in your environment. They are the most trusted components in your architecture and they receive the least scrutiny. When was the last time you pen tested your SIEM? When did you review the access controls on your EDR management console? These tools are connected to everything, administered by a small team, and running on infrastructure that’s often a generation behind your production environment. They are the perfect pivot point and they sit in a blind spot created by the assumption that security tools are inherently trustworthy.

The human layer breaks the model entirely.

Zero Trust was never designed to handle the case where the authenticated, authorized, compliant user is the threat. Insider threat lives inside the trust boundary by definition. Your conditional access policy doesn’t fire when a disgruntled sysadmin with legitimate access to production databases decides to exfiltrate customer data. Your microsegmentation doesn’t help when the threat actor is a developer who is supposed to be in that segment.

Zero Trust verifies identity. It doesn’t verify intent.

And intent is where the actual risk lives.

The pattern here is consistent. Every Zero Trust implementation I’ve assessed draws a boundary around what it controls and then implicitly trusts everything outside that boundary. The IdP. The supply chain. The cloud control plane. The security tooling. The humans. The hardware. The firmware. The build pipeline. The certificate authorities. The DNS infrastructure.

These are the walls of your architecture. And your Zero Trust model treats them as foundations rather than attack surfaces.

This isn’t an argument against Zero Trust as a concept. The principles are sound. Verify explicitly. Use least privilege. Assume breach.

The argument is against the implementation reality, where Zero Trust became a product category instead of a threat model, where the architecture verifies the easy things and trusts the hard things, where the marketing says “never trust, always verify” but the deployment says “we trust our vendors, our cloud providers, our identity infrastructure, our employees, our build systems, our security tools, and our own ability to maintain this configuration without drift.”

Real zero trust would require treating your own infrastructure as hostile. Your own IdP as potentially compromised. Your own employees as potential threats. Your own security tools as potential pivot points. Your own cloud provider as a potential adversary.

That level of paranoia is expensive, uncomfortable, and operationally painful.

It doesn’t fit on a vendor slide. It doesn’t produce a clean compliance checkbox. It doesn’t make the board feel safe.

Which is exactly why almost nobody does it.

And exactly why it’s the only version that works.