Zero Trust Security

The Thirty-Nine Steps to Zero Trust

Identity, least privilege, and being pursued by one's own assumptions

John Buchan · 16 July 2026

The perimeter is dead; fortunately, it left a rather useful audit log.

Buchan's fugitive hero finds himself in an architecture where location proves nothing and the old perimeter has vanished into the heather. This practical treatment of zero trust covers strong identity, device posture, least privilege, continuous authorisation, audit trails, and the operational patience required to distrust politely at scale.

Contents

  1. The Man Who Trusted the Internal Network
  2. Credentials on the Flying Scotsman
  3. Least Privilege in the Highlands
  4. Thirty-Nine Steps and No Standing Access

Published by Austenpunk, the distinguished imprint for engineers who believe that every production incident would be improved by a stronger sense of narrative irony.

This essential volume combines literary feeling, technical anxiety, and just enough documentation to suggest that somebody once understood the system.

Cover of The Thirty-Nine Steps to Zero Trust
× Cover of The Thirty-Nine Steps to Zero Trust