Evolving Micro-Segmentation for Preventive Security: Adaptive Protection in a DevOps World

Network security has changed significantly during the past several decades, and it’s time to rethink the way we’re approaching it today. To start addressing network security in today’s highly converged and cloud environments, we need to embrace the idea of software-defined micro-segmentation.

This SANS whitepaper addresses a few key changes we need to address:

• Looking at our entire environment as potentially untrusted or compromised, versus thinking in terms of “outside-in” attack vectors
• Better understanding intended application behavior and doing our best to enforce these approved application behaviors
• Focusing on trust relationships and system-to-system relationships in general within all parts of our environment