Project Zero Trust: A Story about a Strategy for Aligning Security and the Business

Implement Zero Trust initiatives efficiently and effectively

In Project Zero Trust: A Story About a Strategy for Aligning Security and the Business, George Finney, Chief Security Officer at Southern Methodist University, delivers an insightful and practical discussion of Zero Trust implementation. Presented in the form of a fictional narrative involving a breach at a company, the book tracks the actions of the company's new IT Security Director.

Readers will learn John Kindervag's 5-Step methodology for implementing Zero Trust, the four Zero Trust design principles, and how to limit the impact of a breach. They'll also find:

• Concrete strategies for aligning your security practices with the business
• Common myths and pitfalls when implementing Zero Trust, and how to implement it in a cloud environment
• Strategies for preventing breaches that encourage efficiency and cost reduction in your company's security practices

Project Zero Trust is an ideal resource for aspiring technology professionals, as well as experienced IT leaders, network engineers, system admins, and project managers who are interested in or expected to implement zero trust initiatives.

203 pages, Kindle Edition

Published August 9, 2022


About the author

George Finney

7 books, 7 followers

Community Reviews

5 stars: 61 (31%)
4 stars: 77 (40%)
3 stars: 38 (19%)
2 stars: 12 (6%)
1 star: 3 (1%)
Ali (438 reviews), May 10, 2023
George Finney gives us the Phoenix Project for Zero Trust. There are phrases like “preventing breaches” that don’t ring true (as zero trust too assumes compromise, just tries to minimize the blast radius), but hey “zero trust” itself is a misnomer (as you still need to extend trust to your users and customers, only in a more calculated way). Overall the book covers the basics well and emphasizes the required collaboration and focus on business outcomes.
Pat of Rocks (170 reviews, 8 followers), July 22, 2025
The Phoenix Project of Zero Trust.

I was already quite familiar with the principles of Zero Trust, but I like how well this serves as an introduction and end-to-end approach to implementation. Finney does a nice job succinctly covering a wide array of topics, from physical security, the MITRE ATT&CK framework, NIST SPs, CSA standards, and incident response, while keeping focus on the business and its measures of success.

Only gripe is how easy it was portrayed. Everyone across all business lines and product teams is instantly on board and willing? A blank-check budget? And they already had a CASB in their back pocket? Wish my own security experiences were like this.

It's a quick read and will reward you with some valuable resources in the appendices.
Rick Howard (author of 3 books, 47 followers), May 7, 2023
I've known George Finney for years. He is one of the smartest cybersecurity practitioners on the planet, and when I heard that he published a book on one of my favorite topics (Zero Trust) and that he got John Kindervag (the father of zero trust) to write the foreword, I knew it was going to be good.

I've been thinking about zero trust for years and have written a lot about it in an effort to get my arms around the topic and to simply find the edges. As you all know, there's a lot of hype in the vendor space around the idea of zero trust. But I'm here to tell you that George gets it. And his method of explaining the key concepts of it is genius.

He takes a page from Gene Kim's "The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win" and Eliyahu Goldratt's "The Goal: A Process of Ongoing Improvement." Instead of writing a dry zero trust technical manual that only die-hard fans of the subject would appreciate, he wrote a novel with real characters and a significant business crisis (a ransomware attack) that explains how the ideas and concepts of zero trust could be applied in a realistic scenario.

The main character is Dylan (Director of Infrastructure), and on his first day on the job, the company gets hit with a ransomware attack. The CEO tells him to implement the first ever company-wide zero trust strategy in time for a new product rollout in six months. The CEO doesn't want another ransomware attack to derail that major company milestone. Similar to The Phoenix Project, Dylan even has an Obi-Wan-Kenobi-like mentor who guides him in his efforts.

Throughout the story, readers learn that some of the infosec community's best practices (like Best of Breed tools, Defense-in-Depth, and compliance checklists) don't really form meaningful strategies with goals and progress metrics whereas zero trust can. We learn that trust in our technology and people is a vulnerability just waiting to be exploited.

Dylan believes that the primary goal of Zero Trust is to prevent breaches and that prevention is possible. His team members come to believe in this too but they also learn that Zero Trust is not achieved through one or more vendor tools. Zero trust is more of a philosophy, a way of thinking, and is never done. It's a journey and can be begun with the tools and people you already have in place.

In the story, Dylan's team is presented with various scenarios (attack surfaces) that they apply the zero trust strategy to, like physical security, the company's crown jewels (ERP and CRM), identity, DevOps, the cloud, and APIs. Each time, the team gets more proficient in applying the zero trust methodology (Kindervag's 9 rules). The team notices that there are many zero trust frameworks out there (Gartner, Forrester, Google, and NIST), but their Obi-Wan mentor recommends the NIST Framework. They also realize that it's not enough for the technicians to simply implement a bucket full of zero trust controls. They discover that they have to develop a company-wide culture that embraces zero trust as a philosophy, and it starts at the senior leadership level.
Terry Brown (18 reviews, 5 followers), April 8, 2023
A superb introduction to zero trust security.

Told in a style not dissimilar to Phoenix Project, it pitches a fictitious company (March Fit) through a significantly challenging time for their security landscape, and presents John Kindervag's model around zero trust, but deep dives across a number of areas.

It feels like it'll be complementary to more academic books rather than replace them, though it was a great listen.

Really recommended.
Robert Nordh (20 reviews, 2 followers), August 31, 2023
Four stars for content, two for presentation. The story is OK, but it feels more like a construction to convey the content. A difficult art. However, three stars overall, and recommended to anyone interested in security, zero trust, etc.
AArush Ahuja (16 reviews), March 22, 2024
This is the Phoenix Project for Cybersecurity. I had a blast reading through the story.

Most importantly, it's not just a marketing pitch about Zero Trust or hand-wavy text about zero trust. It covers technical aspects and how they relate to Zero Trust ideas. Remember! Zero Trust is not a product or a technology, it's a process or a set of principles!

While today Zero Trust is often filled with a bunch of marketing filler, George distills Zero Trust into its fundamentals and why it's important to achieve it and protect your attack surfaces, through the lens of a ransomware incident at MarchFit. The physical security section was a pleasant surprise as well.

It's a diverse read and helped me learn better how technical and business people and components can interact to strengthen defenses.

I hope we can all keep in our minds that cybersecurity is about helping the business and not against it.
15 reviews, 3 followers, March 20, 2023
When you want to write another “Phoenix project” but also want to hype on Zero Trust.

The storyline of the book is not its best feature, but neither is its technical side. It's funny how it turns out: the company already has a CASB product (they had forgotten about it) which comes in handy when needed, or how the R&D team suddenly agrees to drop all their projects to do security stuff. One believable thing there is "oh, we want to rewrite everything in Rust"; seen this happening with each new toy.

There are some good thoughts in the book, randomly scattered, this is why it gets two stars.

Overall, not worth reading.
Behrooz Parhami (author of 10 books, 36 followers), October 14, 2023
I listened to the unabridged 8-hour audio version of this title (read by Daniel Thomas May, Ascent Audio, 2022).

Zero-Trust is a security approach that eliminates implicit trust in internal and external networks. Nothing is trusted by default and each access step undergoes mandatory checks. Because of hacking and infiltration, connections from the inside of your network or from trusted outside vendors could be just as malicious as those coming from elsewhere.

George Finney, a seasoned cybersecurity expert, is the Chief Security Officer at Southern Methodist University. In this book, he describes the Zero-Trust security strategy by telling a story. A number of employees of a fictitious company, including the just-hired IT Security Director, talk with internal and external experts as they try to deal with an in-progress ransomware attack and make their company ready for future attacks. Each chapter focuses on a particular sub-topic, with a recap of the main ideas, that is, a list of takeaways, provided at the end.

Implementing any security strategy presents a tradeoff between vulnerability and employee convenience/productivity. For example, allowing log-ons that persist for a long time makes it easier on users but is a recipe for disaster in terms of increasing the chances of intrusion. As another example, multi-factor authentication, done several times during the workday, creates extra work for users, but has a significant impact on security.

As they say, security is a weakest-link phenomenon, so all aspects of the system, from physical security to identity services and remote-access guidelines, must be included in the planning. Conventional wisdom has it that security is expensive. However, proper implementation of a security protocol can actually save money, besides the fact that insecurity can be far more costly.

John Kindervag, who is given credit for inventing the Zero-Trust model of cybersecurity, has written the book's foreword.

On May 12, 2021, President Biden issued an executive order on improving the nation's cybersecurity, particularly against hostile nations, that includes directives for removing the barriers to effective sharing of cyberthreat information and advocates modernizing federal government cybersecurity through the adoption of best practices such as Zero-Trust.

https://www.whitehouse.gov/briefing-r...

Apparently, Zero-Trust does not ensure complete security, because the author & publisher have included extensive disclaimers at the beginning of the book to protect themselves against legal trouble!

In the following 8-minute video, Finney describes how the book came about and what he tried to accomplish by writing the book.

https://www.helpnetsecurity.com/2022/...
Dustin (18 reviews), April 2, 2025
I'm a fan of The Phoenix Project, so Project Zero Trust felt right at home for me. George Finney does a great job employing a similar allegorical approach to convey the core message, and it works just as well. The story was engaging and felt realistic, which is crucial for this type of book. Having worked in IT for 20 years and only recently shifted into a cybersecurity focus, this book was also very timely for me. I think anyone in IT with an appreciation for productivity-style books will enjoy this one as much as I did.

One of my favorite aspects was the Key Takeaways at the end of each chapter. However, the appendices were truly the icing on the cake. The actionable information and summaries were incredibly useful; I've even printed several of the tables to explore further. After reading this, I'm fully committed to embracing the author's advice to "Abandon All Trusts, Ye Who Enter" and excited to continue my information security journey with a zero trust mindset!

Beyond the core content, I really appreciated the author's obvious love for pop culture. I caught a few name references early on, but it wasn't until they started piling up that I realized it was intentional. I’m sure I missed some, but here are a few favorites that stood out:

• Agent Paul Smecker (referring to Willem Dafoe's character in The Boondock Saints, including making me literally laugh out loud at this line: "Agent Smecker walked to Dylan and firmly shook his hand. “I just wanted to say, that was a real firefight.”")
• Victor (Vic) Vega (referring to Michael Madsen's character as Mr. White in Reservoir Dogs, which was cool, especially since Reservoir Dogs was referenced directly later)
• Mia Wallace (referring to Uma Thurman's character in Pulp Fiction)
• Brian Fantana (referring to Paul Rudd's character in Anchorman)

Other references I noted included a direct nod to The Phoenix Project, a fun distinction between hair metal and glam rock, and shout-outs to Elden Ring, Hedy Lamarr, and Johnny Mnemonic.

Overall, it was a really fun read that I am sure I will go back to again and would recommend to a friend.
Andre (409 reviews, 14 followers), June 27, 2023
This book seems to want to be the Zero Trust Security (ZT) version of The Phoenix Project or The GOAL, except it is way too high level. There is also a sub-plot where it wants to be The Cuckoo's Egg.

It provides some good introductory material about ZT, then starts to touch on all the traditional areas of security and how ZT has to also address them. However, the "HOW" of how to do this is very light on details, which is ironic since it talks about The Kipling Model in chapter one and one of the "six serving men" is how.

There is a need for introductory books on ZT. This one doesn't cover it well enough to spark someone's interest though. The GOAL and The Phoenix Project get you excited about changing how things are done at your organization. I'm doubtful that this book will do that for many people.
John (444 reviews, 4 followers), November 27, 2022
I've seen some comments about the takeaways section for each chapter. They indicate that readers would probably prefer if they were omitted from the story and that they should be appendices. Personally, I thought the takeaways section per chapter was helpful. I can see how someone with more experience might not benefit as much from the material, but as a newcomer to cybersecurity, I feel it helped clear out and reiterate some of the material being covered.

Having this novel set as a fictional experience was very helpful in not only understanding the concepts, but in giving a mental image of the role that individuals would play in making this kind of corporate change. I enjoyed the book and the format.
David (134 reviews, 1 follower), September 11, 2023
Neat idea to try it, but not as well done as The Goal or The Phoenix Project. For the record, I wasn't impressed by The Unicorn Project, either. Conversation was awkward, and it was hard to tell who the intended audience was. The characters would use a bunch of IT jargon without explanation, and then randomly a character wouldn't know some basic security term that another character would detail for them. The examples won't stand the test of time like the generic production line in The Goal has. Using magnetic and RFID cards for door access was one such case. It was worthwhile, money not wasted.
Omar Armas (98 reviews, 1 follower), June 25, 2023
This novel/manual style is very interesting and practical. It allows you to imagine ZT in a more real-life scenario, touching real-life problems and examples that relate to the everyday in an organization. Probably a theory-only book could be more complete, but also more boring.
Highly recommended.
13 reviews, February 7, 2024
Similar to "The Phoenix Project" although not as good; like "The Unicorn Project", the hard challenges are not described well enough. The characters go through the implementation of Zero Trust a bit too easily.

Authorization and authentication are only briefly discussed despite being central to the concepts.
46 reviews, 2 followers, November 24, 2024
I don't blame the author for trying to do a Phoenix Project-style novelization for InfoSec, but zero trust as a concept just isn't enough content to be worth the book. The Phoenix Project is great because it argues for an entirely different way of thinking about IT/software operations (and security). This book tells you to get a CASB?
Kailei Higginson (22 reviews, 2 followers), September 28, 2022
layout

While I think this was and is a vital read for those who work in cybersecurity, the takeaways at the end of each chapter took me out of the story. The takeaways are critical for understanding, but I would recommend a separate appendix for those.
68 reviews, 1 follower, September 14, 2023
If you're a fan of the Patrick Lencioni books, you're going to love this one. The storyline keeps you entertained while also getting the key concepts across and providing plenty of detailed resources for further reading.
5 reviews, October 25, 2023
Skip it. The story provided little value to the overall content, and it was filled with irrelevant nerd culture humor. You'd be much better off reading John's original white paper from Forrester and NIST SP 800-207 Zero Trust Architecture.
tyler mccann (12 reviews), October 8, 2025
Digestible, simplified and organized in breaking down how a zero trust initiative could work in the (idealized) real world.

Gotta wonder who else is reading this book. Can't tell who this is written for.
2 reviews, February 28, 2023
Great book. If you're looking for a great way to look at zero trust, I highly recommend this book.
12 reviews, July 20, 2023
Good book for IT professionals if you want to learn about zero trust. Presents the aspects in a story format to explain them.
76 reviews, 8 followers, December 8, 2023
Nice story. Important topic.

I am being generous, as the storytelling was nice. As many others have said, this is a Phoenix Project-inspired book around Zero Trust.
Marvin (33 reviews), December 14, 2025
Short read. It's definitely heavier compared to The Phoenix Project. Might not be my cup of tea, to be frank, but might lean in more on security professionals (key word's in the title).
Jesse Patoka (235 reviews, 3 followers), October 8, 2025
I enjoyed Phoenix Project, which a lot of people related this to. I did not enjoy this book as much. It felt like I could have just gotten a white paper of key topics and gotten the idea, saving me the 6 hours it took to listen to the audiobook.

There were a lot of forced nerdy topics that had my eyes rolling. Agent Paul Smecker's name was pulled directly from Boondock Saints, which, if I'm not mistaken, was a play on "small pecker", which makes me wonder if the author knew that or not.

Found an actual error in the audiobook where Brent left the room to get a bundt cake but then the next sentence described someone "who Brent hadn't seen before" and I'm pretty sure Brent was supposed to be Dylan. Not sure if that's on the narrator or the text of the book.

Dylan, the protagonist, is a security director, and in order to narrate to the reader they have him ask what OWASP is, something any security director worth their salt would be well aware of. Not to mention him following up by asking what SQL injection is. It just sucks when you have to dumb down your characters in order to give an excuse to educate your reader.