Want stronger cybersecurity? Start by improving east-west traffic detection
When it comes to stopping cyber attackers, most information security teams primarily concern themselves with north-south traffic. This traffic moves between an internal network and the broader internet, and it is where most security tools, including firewalls, intrusion detection and prevention tools, tend to focus their efforts. This line of thinking is understandable — to stop external threats from wreaking havoc on the system, it makes sense to stop them at the network perimeter.
Unfortunately, this approach leaves networks vulnerable if an attacker evades those perimeter protections. Defenses designed to detect north-south traffic are valuable, but they cannot identify lateral movement within the network — generally referred to as east-west traffic. This type of traffic moves from one internal host or network segment to another, and it is how attackers travel within a network, conduct reconnaissance, obtain credentials and escalate and advance their attacks. The FBI’s recent warning of a rise in ransomware attacks focusing on both public- and private-sector targets makes effective threat detection for east-west traffic more critical than ever.
Learn about the tools capable of providing protection for lateral traffic in the complete GCN article by Carolyn Crandall, Attivo Networks Chief Deception Officer.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise