all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Microsegmentation Needs to Isolate All Lateral Movement – Including Service Account Abuse

Add to bookmarks
c
April 7, 2023, 5:07 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by TrueFort. Written by Matt Hathaway. The devastating part of a cyber attack is when it reaches application environments with sensitive data to steal or encrypt. While microsegmentation is recognized as the best way to minimize the spread of the initial compromise, it cannot truly isolate via network blocking alone. Controlling lateral movement requires that you also prevent service accounts from running commands on workloads where they aren’t required for application op...

abuse account accounts application attack blocking compromise cyber data encrypt environments lateral movement matt microsegmentation network sensitive data service service accounts steal truefort workloads

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
Priorities Beyond Email: How SOC Analysts Spend Their Time 4 days, 2 hours ago | cloudsecurityalliance.org
abnormal abnormal security analysts beyond +25
Cl
Ignoring the Change Healthcare Attack Invites a Cycle of Disaster 4 days, 2 hours ago | cloudsecurityalliance.org
adversaries alphv attack authorization +22
Cl
It’s Time to Throw Away the Manual with Evidence Collection 4 days, 16 hours ago | cloudsecurityalliance.org
can changing collection compliance +16
Cl
The Risk and Impact of Unauthorized Access to Enterprise Environments 4 days, 16 hours ago | cloudsecurityalliance.org
access advanced api api security +28
Cl
Automated Cloud Remediation – Empty Hype, Viable Strategy, or Something in Between? 4 days, 16 hours ago | cloudsecurityalliance.org
amp automated automation cloud +15
Cl
Cloud Security Alliance and SAFECode Release Sixth and Final White Paper in Its Six Pillars … 6 days, 23 hours ago | cloudsecurityalliance.org
alliance best practices certifications clear +19
Cl
Exploring Syscall Evasion – Linux Shell Built-ins 1 week ago | cloudsecurityalliance.org
article can detection evasion +13
Cl
Apple's New iMessage, Signal, and Post-Quantum Cryptography 1 week ago | cloudsecurityalliance.org
apple application attack computers +25
Cl
2024 State of SaaS Security Report Shows A Gap Between Security Team Confidence And Complexity … 1 week ago | cloudsecurityalliance.org
applications complexity data enterprise +18

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

PNT/NAVWAR Space Electronic Warfare Instructor II – Officer Training Course

@ Aleut Federal | Colorado Springs, Colorado, United States
View on infosec-jobs.com

Sr Director, Cybersecurity SIRT

@ Workday | USA, VA, McLean
View on infosec-jobs.com