Den Jones Explains Project ZEN


Inner Circle Podcast Episode 013

When attackers can consistently crack or compromise the credentials of legitimate users to gain access to your network, it is less and less feasible to trust a user based solely on that initial authentication. For this episode of the Inner Circle podcast, I am joined by Den Jones, director of enterprise security for Adobe, to talk about Project ZEN — Adobe’s implementation of zero trust.

ZEN is an acronym for “Zero-Trust Enterprise Network”. Adobe wanted to improve its security posture and take action to try and ensure proactive cybersecurity for Adobe employees and their data. Jones and Adobe have determined that the most effective way to do that is to adopt a zero trust mentality.


The core concept is that nothing is inherently trusted. Rather than authenticating a user at initial login and assuming that all actions from that point forward are authorized and benign, Project ZEN (or zero trust in general) constantly monitors and verifies each action and interaction to ensure it still meets with established policies and does not seem inherently suspicious or malicious.

To learn more about zero trust and Adobe Project ZEN, listen to this episode of the Inner Circle podcast. You can also check out this blog post from Adobe that provides more detail. Feel free to comment below to share your thoughts on zero trust security and this episode of the Inner Circle.


About Author

I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 3 dogs, 4 cats, 3 rabbits, 2 ferrets, pot-bellied pig and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at For more from me, you can follow me on Twitter, Facebook, Instagram and LinkedIn.


  1. Complete Fraud – No facts other than a story to tell.. The use of Zero Trust is only marketing with no facts to support this being zero trust. The only trust is authenticating a user at initial login – the the user is fully trusted for any subsequent access – no checks for whether the user is compromised – just a full trust of the user once they auth. This is totally bogus and close to fraudulent – sales pitch