skip to Main Content

Truefort SOLUTION

Lateral Movement Solution for Preventing Cyber Attacks

Security is most lacking in production applications, where attacks can be the most devastating. Existing tools do not understand applications, their interactions, and service account behavior. TrueFort protects against lateral movement by enforcing microsegmentation via host firewalls, shutting down compromised credentials, and blocking unusual command line arguments at execution time.

TRUEFORT SOLUTION

Lateral Movement Solution for Preventing Cyber Attacks

Security is most lacking in production applications, where attacks can be the most devastating. Existing tools do not understand applications, their interactions, and service account behavior. TrueFort protects against lateral movement by enforcing microsegmentation via host firewalls, shutting down compromised credentials, and blocking unusual command line arguments at execution time.

Production applications are a security visibility gap

  • Understanding attack surface – outside threats and compromised insiders cannot be detected or stopped from moving laterally by existing network security solutions.
  • Discovering applications and resources – most organizations don’t know how servers and other workloads are used across their data center and cloud environments.
  • Identifying excessive entitlements –user and machine entitlements contain increased privileges and are rarely adjusted or revoked, increasing privileged access and movement across the infrastructure when compromised.
  • Ensuring optimal operations – eliminating high-risk activity across workloads is a challenge without sacrificing application performance.

Shared understanding of normal production application behavior

Granular control of trust

Discover, understand, and enforce applications and workload behaviors to create a continuously trusted environment.

Deep behavioral understanding

Use machine learning to automatically map the behavior of applications, workloads, and users to create a baseline and control application changes and block unrecognized behaviors.

Shared source of truth

Identify all workload activity across the data center and cloud, including which service accounts are executing within each application, to translate application relationships and data flows between security and operations, - including the process, identity, and network parameters

Continuous enforcement

easily set preventive policies that block unnecessary network connections between applications, disable rogue accounts, limit privileged access, and kill anomalous processes as they execute

FAQ

Microsegmentation is a security approach which helps administrators implement the principle of least privilege and Zero Trust for individual workloads. Instead of applying one policy to an entire network or data center, microsegmentation allows security to manage traffic between workloads or applications within a network. Security policies deny user requests by default unless they present the right credentials for the specific data they’re trying to access.

Microsegmentation may be used to isolate workloads in development, testing, and production, manage connections to specific applications, limit application visibility by user, user group, or tier, and apply fine-grained controls to specific software services and processes.

Microsegmentation plays an important role in reducing an organization’s attack surface because it gives security teams control over what lateral movement to permit in any environment. With this control, experts can monitor lateral movement against predefined security policies or against a model of expected application behavior, which improves the speed of detection, response, and remediation. 

Microsegmentation makes it possible to implement granular control of network communications, credential usage, and approved behavior to help organizations minimize the impact of a cyber security incident, and solutions with automated application discovery will simplify security management even as networks grow increasingly complex. 

Microsegmentation doesn’t require a new architecture for implementation. Security teams can deploy an agent-based solution which leverages software existing agents on the workload to isolate individual hosts and containers. Solutions can apply security policies based on physical and virtual devices, including load-balancers, switches, or software-defined networks. Some cloud service providers also offer microsegmentation capabilities. 

Organizations will typically deploy both agent-based and network device models to handle all environments, including public or private cloud and on-premises networks. Solutions will use the visibility microsegmentation provides and data analytics to develop a model of normal network behavior against which anomalous events stand out for fast detection and response. 

Resources

Restricting Lateral Movement with Microsegmentation 1
Restricting Lateral Movement with Microsegmentation
lateral movement
TrueFort Lateral Movement
microsegmentation solution brief
Microsegmentation Solution Brief
TRU- Featured image (1)
Contain Lateral Movement by Protecting Service Accounts
Back To Top

Bob Williams

Advisor | Venture Partner - West Coast, Canaan

Eileen Spellman

CFO
Maha Ibrahim, Canaan

Maha Ibrahim

Observer | General Partner - West Coast, Canaan

Lane Bess

Member - Principal & Founder, Bess Ventures & Adv.

Matt Hathaway

CMO

Matt Hathaway serves as TrueFort’s Chief Marketing Officer, leading the global marketing strategy to get TrueFort the recognition it deserves. Matt has extensive knowledge of security users, buyers, and landscape, as well as a track record of building high-performing marketing and product teams. He has over 15 years’ experience in the security market that span fraud prevention, vulnerability management, SIEM, cloud workload protection, data security, endpoint protection, and application security.

Prior to joining TrueFort, Mr. Hathaway was VP of Product Marketing at Imperva, a leader in Application and Data Security, where he led Product, Content, and Technical Marketing, SEO, and Competitive Intelligence. He was also VP of Product Marketing at Carbon Black (acquired by VMware), served in multiple product and marketing roles at Rapid7 (including through its IPO), and held product roles at RSA Security and Uptycs.

Charles Collins

Observer - Mng. Director, Emerald Development Ptrs.

Motti Finkelstein

Advisor - Sr. Advisor McKinsey & Company, Capri Ventures

Steve Katz

Advisor - Founder & President, Security Risk Solutions

Truefort customer support

TrueFort customers receive 24×7 support by phone and email, and all software maintenance, releases, and updates

For questions about our support policy, please contact your TrueFort account manager or our presales team at sales@truefort.com.

Support Hotline

Email Support