There’s a Hole in Your Threat Detection Strategy—It’s


                                         Called East/West Traffic

                                By Carolyn Crandall, Chief Deception Officer, Attivo Networks



            One of the most popular targets for attackers, cybercriminals, and other bad actors is east/west network
            traffic.  This  is  network  traffic  that  originates  from  one  internal  host  or  network  segment,  and  whose
            destination is another internal host or network segment.

            North/south traffic, on the other hand, moves from an internal network out to the Internet. North/south is
            where organizations have historically invested, and includes security controls such as firewalls, intrusion
            detection/prevention systems, and proxies.


            Ensuring  good  threat  detection  for  east/west—or  lateral—traffic  has  never  been  more  important  for
            organizations. The ability to move undetected through the network is key for successful ransomware
            attacks, and detecting that movement is increasingly critical as damaging and sophisticated ransomware
            becomes more pervasive.









            Cyber Defense eMagazine – September 2020 Edition                                                                                                                                                                                                         28
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.