lateral-movement
Safeguard articles tagged "lateral-movement" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Default-deny NetworkPolicy: closing the pod-to-pod gap in Kubernetes
Kubernetes pods allow all traffic by default, and many clusters' NetworkPolicy YAML silently does nothing because the CNI plugin never enforces it.
Lateral movement
A precise breakdown of what lateral movement is, the MITRE ATT&CK techniques and pivoting methods attackers use, and how to detect them before they spread.
Pass-the-hash attack
What is a pass-the-hash attack? Learn how NTLM hash theft enables lateral movement across Windows networks, with real-world examples and mitigation strategies.
What is Network Segmentation
Network segmentation limits breach blast radius by isolating systems into enforced zones. Learn the types, common mistakes, and how to implement it in hybrid clouds.
Microsegmentation for Software Supply Chain Security
Microsegmentation limits lateral movement after a breach. Applied to software supply chains, it contains the blast radius when a dependency, build tool, or vendor is compromised.