ICYMI: Top 5 Blogs on Securing the Atomized Network
By Netography Team
We know that keeping up with the latest cybersecurity industry news, viewpoints, and trends can be a full-time job. But staying informed is paramount because we are in the middle of a doctrinal shift in the security industry, one that requires new technology innovations to help you protect your organization.
To quickly get up to speed on some “must-read” topics, below is a list of our top five blogs for the first half of 2022. Scan through the recaps and click on the links to read the blogs that interest you most.
Megatrends and the doctrinal shift in enterprise security
As organizations started moving to the cloud over the last decade, it became apparent that, compared to what was possible in the days of on-premises systems, the ability to secure what’s running in someone else’s environment is relatively limited. Applications and data are scattered across a complex environment consisting of multi-cloud, on-premises, and legacy infrastructure, being accessed by increasingly mobile and remote workers.
This Atomized Network is the first megatrend that is exposing deficiencies in security architectures and offerings for the modern enterprise. The second megatrend underpinning a shift in how we approach security for today’s enterprise is Zero Trust. In this blog, Martin Roesch takes an in-depth look at these megatrends and the doctrinal shift they are driving in enterprise security.
In the Atomized Network appliances are a dead end. Think outside the box.
Conventional threat detection and application-aware security on the network has historically required deep packet inspection (DPI) appliances that were deployed in the middle of network traffic. But the Atomized Network and Zero Trust are revealing that DPI appliances were architected for an old and dying paradigm — there is no middle anymore. In this blog, Matt Wilson explains why DPI appliances are a dead end and how to think outside the box to innovate security for your modern enterprise.
Threat detection with network metadata vs DPI
Want to dig deeper into the power of metadata for threat detection as Zero Trust proliferates? Having spent much of his career using DPI for threat detection, Joel Esler provides a technical look at the impact of encryption on the effectiveness of DPI, including tactics organizations have used in the past to deal with the increasing amount of encryption and the limitations and follow-on implications of these workarounds. He also explains how to use metadata from the network itself to examine all your network traffic, encrypted and decrypted, in real-time to detect and protect against attacks. Not only is this more effective in providing comprehensive network visibility, but Netography’s detection models are also proven to detect and defend against stealthy attacks instantly.
In an EDR-focused world, you still need network visibility
There are good reasons why the EDR market is thriving. Agent-based endpoint detection has demonstrated clear value in protecting endpoints, and in many ways provides unique visibility into local processes. However, because of EDR, people have neglected network visibility. In the Atomized Network, complexity and fluidity create gaps that EDR simply can’t address. In this blog, Matt Wilson discusses these challenges and explains how you can complement EDR with a detection approach that is agentless and passive for more comprehensive protection as your organization expands its cloud footprint.
Complexity is the enemy of security, so live off the land
Organizations struggle to defend their network because it is so dispersed and dynamic that they don’t know what they’ve got, what it is all doing, and what it might be vulnerable to. What’s more, since no security solution can address the entire challenge of securing a modern network, organizations use a “defense in depth” approach which introduces more complexity. In this blog, Martin Roesch explains how Netography’s approach to living off the land has allowed us to design and deploy a solution that reduces security complexity in several ways.
We hope you find this guide a useful tool to help you catch up quickly on important topics you may have missed earlier this year.