#microsegmentation

2025-04-10

I posted the final Microsegmentation Series blog: Pete’s Take: Microsegmentation 04: Building a Security Policy. URL: linkedin.com/pulse/petes-take- #PeterWelcher #CCIE1773 #Microsegmentation #Elisity #Cisco #PolicyComponents #SecurityPolicy

Julienakiuni
2025-04-01

Hi

I've created a program, an on-boarding AI engine, which computes security tags for micro-segmentation.

My goal is to produce a dynamic distributed firewall.

Today, though it's still under development, my code is working pretty well on a 1000-VM VMware vSphere + NSX-T infrastructure and I'm porting it to Proxmox PVE.

I'm wondering if some people would be interested to beta-test it or have some suggestions about features I should add.

Julienakiuni
2025-02-19

After 5 months, the classification algorithm I'm building to tag the NSX VMs is starting to increase its prediction rate, while expert systems are starting to decline... Is this the beginning of a power grab? Let's find out in a month's time!

2024-11-13

Posted blog: NFD36: Arista Does Micro-Segmentation. Covers one of several topics Arista presented at NFD36. #PeterWelcher #CCIE1773 #NFD36 #Arista #MicroSegmentation #CloudVision linkedin.com/pulse/copy-nfd36-

LINUXexpert.org linuxexpert
2024-07-23

Zero Trust assumes that threats could be both external and internal, and thus, no entity, whether it is a user, device, or application, should be inherently trusted.

linuxexpert.org/deep-dive-into

2024-04-30

Microsegmentation has proven valuable in preventing attackers from moving laterally throughout the environment as well as helping organizations implement zero trust strategies and enforce the principle of least privilege access.

Elisity raised $27M series B funding to continue to expand its microsegmentation platform.

#cybersecurity #security #microsegmentation #microseg #zerotrust #lpa #LeastPrivilegeAccess #funding

wsj.com/articles/elisity-raise

2023-02-27

#ChatGPT explaining cross-account Security Group referencing pretty neatly. One of the easiest ways to implement an IP Address-free trust between connected apps in #AWS.

Also called #microsegmentation.

FOLLOW US as we explore cloud network security with #AI.

#awssecurity

2023-01-31

Skool Loop is much better. No account required.

Settings,
Select school,
Choose school,
confirm Selection,
confirm Choice,
Groups,
Select Choice,
Choose Selection.

Now my selection is chosen and my confirmation is selected. Bam! Done!

No email address or #conversion #funnel or target audience #microsegmentation or whatever bullshit required.

They have pretty quickly figured out that if my kids are attending that school then this advert for a local contractor is reasonable.

Parliamo di news! ☑️ parliamodinews@masthead.social
2022-11-15

Andy 'Bob' Brockhurst b3cft@infosec.exchange
2022-11-15

@dob That's a big scope.

Some things we do to make our lives easier and that don't cost $$$.

Enable #guardduty and pipe all the alerts into a slack channel (+email as well).

Enable #cloudtrail, log everything to an #S3 bucket in another account. #cloudwatch alerts on auth failures (to slack + email (some go to pagerduty #infosec contact)).
We also have some alerts on updates when a cidr is added to a #SecurityGroup.

Don't use #ssh or #bastion/#JumpHosts; use #ssm to run automations on the hosts (package install, service restarts etc.) and also to get a shell on a box (if needed at all). (You can use #TransitiveTags with #RoleAssumption to give granular access.)
Using #ssm for console access also logs the entire session (including someone doing sudo su - root etc.!) into #S3.

Use #MicroSegmentation within our #vpc. Instances behind an #alb will only accept traffic from the #alb #SecurityGroup etc. #rds, #elasticache will only accept traffic from instances in the appropriate #SecurityGroup. (Basically we don't use cidr ingress rules, we use security group ids.) (This works across accounts in the same region with peering, but not across regions, however.)

#aws
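
The security-group-reference ingress and the "cidr added to a SecurityGroup" alert described in the post above, as an added example that is not part of the original post: a small audit over data in the EC2 DescribeSecurityGroups response shape. The group ids, account ids and rules are constructed sample values, and the function names are hypothetical.

```python
# Added example: the sample data is constructed; the dict layout is the
# EC2 DescribeSecurityGroups response shape (as returned by boto3).
def _perm(port, cidrs=(), groups=()):
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs], "Ipv6Ranges": [],
            "UserIdGroupPairs": [{"GroupId": g, "UserId": a} for g, a in groups]}

ALB, APP, RDS = "sg-0a1b000000000001", "sg-0a1b000000000002", "sg-0a1b000000000003"
PEER_APP = "sg-0c2d000000000009"            # group in a peered account (constructed)
OWN, PEER = "111111111111", "222222222222"  # placeholder account ids

SAMPLE = {"SecurityGroups": [
    {"GroupId": ALB, "OwnerId": OWN, "IpPermissions": [_perm(443, cidrs=["0.0.0.0/0"])]},
    {"GroupId": APP, "OwnerId": OWN, "IpPermissions": [_perm(8080, groups=[(ALB, OWN)])]},
    {"GroupId": RDS, "OwnerId": OWN, "IpPermissions": [
        _perm(5432, groups=[(APP, OWN), (PEER_APP, PEER)]),
        _perm(5432, cidrs=["10.0.0.0/16"])]},   # the drift we want to catch
]}

def cidr_ingress(response, internet_facing=()):
    """Return (group, port, cidr) for every CIDR-based ingress rule outside
    the groups that are expected to face the internet (e.g. the ALB)."""
    findings = []
    for sg in response.get("SecurityGroups", []):
        if sg["GroupId"] in internet_facing:
            continue
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            # FromPort is absent when IpProtocol is "-1" (all traffic)
            findings += [(sg["GroupId"], perm.get("FromPort"), c) for c in cidrs]
    return findings

def cross_account_sources(response):
    """Return (group, source group, source account) for group references
    whose owner differs from the group's own account."""
    out = []
    for sg in response.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            for pair in perm.get("UserIdGroupPairs", []):
                if pair.get("UserId") not in (None, sg.get("OwnerId")):
                    out.append((sg["GroupId"], pair["GroupId"], pair["UserId"]))
    return out

if __name__ == "__main__":
    print(cidr_ingress(SAMPLE, internet_facing={ALB}))
    print(cross_account_sources(SAMPLE))
```

Against a live account the same functions take the output of boto3's `describe_security_groups()`; the cross-account list is the set of peered trust relationships worth reviewing alongside the CIDR findings.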

2019-11-07

Microsegmentation and Isolation: 2 Essential Strategies in Zero-Trust Security - Tactics for when authorized users need to connect to network resources, or need to venture out to ... more: threatpost.com/microsegmentati #zero-trustsecurity #microsegmentation #networksecurity #infosecinsider #davidcanellos #websecurity #framework #isolation #malware
