/

Illumio et Bishop Fox publient un rapport de test unique en son genre quantifiant l'efficacité de la microsegmentation

Les principaux résultats montrent que la microsegmentation ralentit les attaques jusqu'à 22 fois, en fonction de la taille de l'environnement et des politiques mises en place

Sunnyvale, CA — June 4, 2020 — Illumio, the leader in segmentation for workload security, today announced that it has partnered with red team specialists Bishop Fox to conduct and document an industry-first blueprint on how to measure the efficacy of micro-segmentation based on the main components of the MITRE ATT&CK® framework.

“Folks are generally aware of why they should implement micro-segmentation and its central role in any Zero Trust strategy. What has been missing until now is the ability to quantify the benefits of micro-segmentation through a clear testing methodology that can be repeated by any organization to validate the results in their own environments,” said Raghu Nandakumara, Illumio Field CTO.

Through its implementation of the MITRE ATT&CK® framework, a set of tactics and techniques used by red teams to classify attacks and assess risk, Bishop Fox evaluated and measured the ability of micro-segmentation to effectively limit lateral movement and therefore hinder an attacker’s progress.

The report illustrates that when implementing application ringfencing policies to 100 workloads, it is 4.5X more difficult for an attacker to enumerate and reach its target. When that environment expands to 1000 workloads, that increases to 22X more difficult for an attacker, dramatically deterring bad actors from reaching their target.

Whether a sophisticated adversary or a fast-spreading ransomware attack, a common element across all high-profile breaches is lateral movement – the ability for malicious actors or malware to traverse a network. Micro-segmentation brings a Zero Trust mindset to the lateral movement problem by blocking any network communications that are not explicitly authorized, stopping an adversary or malware in its tracks.

“One of the key takeaways from this report is that as the size of a protected estate increases, the attacker’s job gets measurably more difficult (between 4.5x and 22x), even as the granularity of micro-segmentation policy is kept constant,” said Ronan Kervella, Bishop Fox Senior Security Consultant. “For security architects and infrastructure teams alike, these quantitative findings demonstrate a strong justification for implementing micro-segmentation across your enterprise. With data points like these to better inform potential security strategies, security leaders should feel empowered to take the leap in extending their micro-segmentation capability sets across the entirety of their IT estates.”

To learn more about Bishop Fox’s assessment, download the full report here, check out the latest on Illumio’s blog, and join us for a live webinar on Tuesday, June 16.

About Illumio

Illumio enables organizations to realize a future without high-profile breaches by providing visibility, segmentation, and control of all network communications across any data center or cloud. Founded in 2013, the world’s largest enterprises, including Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite, trust Illumio to reduce cyber risk. For more information, visit www.illumio.com/what-we-do and:

CONTACT INFORMATION

Lauren Bogoshian

[email protected]

669.800.5000

Actualités connexes

Illumio
Illumio

Illumio, leader de la Micro-Segmentation, obtient la Certification ISO 27001

Illumio annonce aujourd’hui avoir obtenu la certification ISO/IEC 27001:2022 (ISO 27001)

Illumio
Illumio

Illumio CloudSecure obtient la certification AWS Security Competency

Illumio annonce aujourd'hui que sa solution de sécurité cloud, Illumio CloudSecure, a obtenu la certification AWS Security Competency

Illumio
Illumio

Illumio Government Cloud obtient l'autorisation FedRAMP pour fonctionner afin d'aider les agences fédérales à éviter les cybercatastrophes

Illumio Government Cloud obtient la désignation FedRAMP Authorized avec un niveau d'impact modéré

Assume Breach.
Minimisez l'impact.
Augmentez la résilience.

Ready to learn more about Zero Trust Segmentation?