- What it is
- Zero-trust exam security is the principle that the candidate's device is untrusted by default — the assessment is protected by controlling the network path and verifying device posture, rather than by trusting that the machine is clean.
- Why it matters
- Legacy proctoring assumes a benign candidate operating a benign device; every modern cheating tool weaponizes that assumption, which is why a zero-trust posture is a prerequisite for defensible high-stakes assessment.
- How Aiseptor implements it
- Aiseptor applies zero-trust principles from enterprise network security to remote assessment: every device joins an ephemeral enclave, every destination is authorized explicitly, and the integrity of the session is continuously re-verified.
Canonical definition
Zero-trust exam security is an architectural doctrine that treats the candidate's device as untrusted for the full duration of an assessment. Instead of building defenses around assumptions about the candidate's environment — that the installed applications are innocuous, that the camera catches every cue, that the browser is the only relevant attack surface — the model asserts that the device may be fully compromised and designs controls around that worst case. The exam platform therefore enforces a minimal, explicit set of allowed destinations; verifies device posture before and during the session; and treats any deviation as a signal rather than a proof-of-cheating. Zero-trust exam security is the category Aiseptor defines; it is the application, to assessment integrity, of the same principles that have reshaped enterprise network architecture over the last decade.
Citations
- [1]Aiseptor architecture whitepaper (public version) (2026)
- [2]NIST Special Publication 800-207, Zero Trust Architecture (2020)