Workload Identity Lab

Zero Trust Network Builder

Design secure service-to-service communication with SPIFFE workload identity, mTLS, and trust federation. Each scenario drops you into a real architectural decision before any workload issues its first SVID.

6 scenarios · ~12 minutes · Hard

How the simulator works

  • Each scenario shows a real SPIFFE/SPIRE configuration, mTLS handshake flow, or federation setup with a hidden design or security flaw.
  • Identify the issue from four plausible options; the wrong answers explain why they look tempting but are not the root cause.
  • Read the production explanation, follow the linked SPIFFE/SPIRE module, and move to the next scenario.
  • Score yourself across six rounds covering SPIFFE ID design, workload attestation, mTLS bootstrap, authorization, federation, and SVID rotation.