Attackers spend a great deal of time on lateral movement during a breach, surfing the network in search of the ‘trophies’ they are after, and networks with little or no control over this movement give an attacker an easy pathway to the intended target. This means that once an adversary enters a network through a beachhead, a weak or insecure target used as a launching point (be it an endpoint, a workload, a server, etc.), they act like a burglar in a building where all the doors are open, calmly moving from room to room, picking up anything of value.
It is widely understood that micro-segmentation controls hamper lateral movement, but by how much? How effective are various types of micro-segmentation policy in thwarting an attacker, and do they force any changes in behavior? This is precisely what this assessment looked to measure.