ICYMI: Top 5 Blogs on Securing the Atomic Network

By the Netography team

We know that keeping up to date with the latest cybersecurity industry news, views, and trends can be a full-time job. But staying informed is paramount, as we are in the midst of a doctrinal shift in the security industry, one that requires new technological innovations to help you protect your organization.

To get you up to speed quickly on some “must-read” topics, below is a list of our top five blogs for the first half of 2022. Browse through the recaps and click on the links to read the blogs that interest you the most.

Megatrends and doctrinal change in enterprise security
As organizations have begun to migrate to the cloud over the past decade, it has become clear that, compared to what was possible in the era of on-premises systems, the ability to secure what is running in someone else’s environment is relatively limited. Applications and data are dispersed across a complex environment composed of multi-cloud, on-premises and legacy infrastructure, accessible by increasingly mobile and remote workers.

This atomized network is the first megatrend that exposes the shortcomings of security architectures and offerings for the modern enterprise. The second megatrend driving a shift in how we approach security for today’s enterprise is Zero Trust. In this blog, Martin Roesch takes an in-depth look at these megatrends and the doctrinal shift they are driving in enterprise security.

In the atomized network, devices are a dead end. Get off the beaten track.
Conventional threat detection and application-aware security on the network has always required deep packet inspection (DPI) appliances deployed in the middle of network traffic. But Atomized Networking and Zero Trust reveal that DPI appliances were designed for an old and dying paradigm – there’s no middle ground anymore. In this blog, Matt Wilson explains why DPI appliances are a dead end and how to think outside the box to innovate security for your modern enterprise.

Threat detection with network metadata vs DPI
Want to dig deeper into the power of metadata for threat detection as Zero Trust proliferates? Having spent much of his career using DPI for threat detection, Joel Esler provides a technical overview of the impact of encryption on the effectiveness of DPI, including the tactics organizations have used in the past to deal with the increasing amount of encryption and the limitations and tracking implications of these security solution bypasses. He also explains how to use metadata from the network itself to examine all your network traffic, encrypted and decrypted, in real time to detect and protect against attacks. Not only is this more effective at providing complete network visibility, but Netography’s detection models have also been proven to instantly detect and defend against stealth attacks.

In an EDR driven world, you still need network visibility
There are good reasons why the EDR market is booming. Agent-based endpoint detection has demonstrated undeniable value in endpoint protection and, in many ways, provides unique visibility into local processes. However, because of EDR, people have overlooked network visibility. In the atomized network, complexity and fluidity create gaps that EDR simply cannot fill. In this blog, Matt Wilson addresses these challenges and explains how you can complement EDR with an agentless and passive detection approach for more comprehensive protection as your organization expands its cloud footprint.

Complexity is the enemy of security, so live off the land
Organizations struggle to defend their network because it’s so dispersed and dynamic that they don’t know what they have, what it does, and what it might be vulnerable to. Additionally, since no single security solution can address the entire challenge of securing a modern network, organizations use a “defense in depth” approach that introduces more complexity. In this blog, Martin Roesch explains how Netography’s approach to living off the land allowed us to design and deploy a solution that reduces security complexity in several ways.

We hope you find this guide a useful tool to help you quickly catch up on important topics you may have missed earlier this year.

Kevin M. Risinger