Evolving Micro-Segmentation for Preventative Security

Network security has changed significantly during the past several decades, and it’s time to rethink the way we’re approaching it today. To start, we need to embrace the idea of software-defined micro-segmentation. This SANS whitepaper addresses a few key changes we need to address:

• Looking at our entire environment as potentially untrusted or compromised, versus thinking in terms of “outside-in” attack vectors
• Better understanding intended application behavior and doing our best to enforce these approved application behaviors
• Focusing on trust relationships and system-to-system relationships within all parts of our environment