8. Choose services designed for zero trust

[OSUso]

What makes a service "designed for zero trust"?
Instead of focusing on services branded as "designed for ZT" it would make more sense to mention additional principles that would be addressed with these products/services and haven't been mentioned specifically yet.

[ColinH1]

As ZT covers a broad set of requirements, the reality is that it is every difficult to choose a service designed for ZT out of the box, not many services do that currently or maybe ever will. When services are created from partnership with a vendor or internally there is an integration phase with other systems required to support ZT, like asset management, Identity, authentication, etc, so there has to be an integration design done to ensure that it meets the ZT requirements. I would suggest renaming this to "Design Services for Zero Trust".