Mar 25
Loading video player...
Most enterprise organizations have been working at Zero Trust for years but many fail to deliver truly secure environments. Rohan Ravindranath shares valuable insights that Zappsec has gained from guiding the global teams that are getting it right. Discover where things often break down so you can avoid the common pitfalls. This segment is sponsored by Zappsec. Visit https://securityweekly.com/zappsecrsac to learn more about them! Read the interview summary from SC Media here: https://www.scworld.com/resource/zappsecs-rohan-ravindranath-on-zero-trust-that-actually-ships?utm_source=security-weekly&utm_medium=social&utm_campaign=rsac&utm_content=crtv-executive-interview Show Notes: https://securityweekly.com/rsac26-1 Timestamps: 00:00 - Intro – Zero Trust That Actually Ships (RSAC 2026) 00:20 - The Problem: Zero Trust Stuck in PowerPoint 01:16 - Why Zero Trust Fails in Real Enterprises 02:10 - Security as a “Gate” Is the Core Issue 03:10 - Cloud, Hybrid, and the Security Gap Explained 04:16 - Why Teams Optimize for Speed, Not Security 05:03 - Shift Left: Embedding Security from Day One 05:36 - What Is “Zero Trust as Code”? 06:30 - How to Build Secure Cloud Landing Zones 07:30 - Enforcing Security by Default (Not Optional) 08:10 - Multi-Vendor Environments & Policy Automation 08:40 - Drift Detection & Auto-Remediation Explained 08:55 - How Zero Trust Scales Across APIs & AI Systems 09:20 - Agentic AI in Security – What It Can (and Can’t) Do 10:40 - Why AI Needs Business Context to Work 11:20 - Is Your Infrastructure Ready for AI Security? 12:30 - 90-Day Zero Trust Roadmap (Overview) 12:45 - Days 0–30: Protect Crown Jewel Applications 13:40 - Microsegmentation & Default Deny Strategy 14:30 - Days 30–60: Kill VPNs & Move to ZTNA 15:10 - Identity-Based Security & Continuous Validation 15:30 - Days 60–90: Automate with Zero Trust Pipelines 16:10 - Biggest Mistake: Treating Everything as Critical 16:20 - Final Thoughts & Key Takeaways