<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Architecture on Trust Anchor</title><link>https://trustanchor.pro/categories/architecture/</link><description>Recent content in Architecture on Trust Anchor</description><generator>Hugo -- gohugo.io</generator><language>en</language><copyright>© 2026 George Vaculik</copyright><lastBuildDate>Fri, 10 Jul 2026 11:00:00 +0200</lastBuildDate><atom:link href="https://trustanchor.pro/categories/architecture/index.xml" rel="self" type="application/rss+xml"/><item><title>The reference platform — the high-level scheme</title><link>https://trustanchor.pro/posts/reference-platform-architecture-overview/</link><pubDate>Fri, 10 Jul 2026 11:00:00 +0200</pubDate><guid>https://trustanchor.pro/posts/reference-platform-architecture-overview/</guid><description>The whole reference platform fits on one page — and each post deep-dives a single component. The platform is a multi-tenant, multi-engagement, regulated-cloud delivery vehicle for Microsoft Entra + Azure + M365 governance; this post is the high-level map — a consolidated view of ~20 components across five layers (Delivery / Security operations / Identity / Substrate / Assurance) and the load-bearing dependencies between them. It is the territory every slice-post sits on.</description></item><item><title>Two perimeters, one trust anchor</title><link>https://trustanchor.pro/posts/trust-anchor-thesis/</link><pubDate>Tue, 26 May 2026 10:00:00 +0200</pubDate><guid>https://trustanchor.pro/posts/trust-anchor-thesis/</guid><description>The problem that started this blog: a Microsoft cloud tenant that grew faster than any person could track. The solution: everything-as-code — CA, PIM, Defender, Sentinel, M365 settings, Azure infrastructure all declared in version-controlled repos and delivered by pipeline. And the two-perimeter identity architecture that makes it trustworthy.</description></item></channel></rss>