network traffic

Firewalls have been considered standard enterprise security defense technology for nearly three decades. Best for policing the perimeter of organizations’ networks, you’d be hard pressed to find any organization that doesn’t use one (or many). However, over the last decade, as the development of applications have exploded, organizations have had to implement new methods to protect against internally-communicating traffic—traffic that neither penetrates nor leaves the network.

At Black Hat Conference 2017, Peter Smith, Co-Founder and CEO of Edgewise Networks, explained that “Today’s firewalls are limited to inspecting packets, which means they can’t see beyond the network attributes to understand the software creating the packet, the user, or the host on which the software is running.” This means that once a malicious actor has penetrated an organization’s perimeter—which is relatively easy to do through social engineering, or by spoofing IP addresses—s/he is able to move undetected inside the network.

As a security practitioner managing and monitoring network traffic not too long ago, Smith became frustrated with the limitations of firewalls and set about creating what Edgewise calls “Trusted Application Networking.” Built on the idea of zero-trust networks, Trusted Application Networking brings “subject matter experts closer to security,” says Smith.

In this short video, Smith and Co-Founder and CTO, Harry Sverdlove, explain the concept of Trusted Application Networking and share how security tools can evolve to mirror the tactics and techniques used by adversaries, who always seem to be one step ahead of white hats. 

 

For more in-depth knowledge and insight on information security topics that are relevant to your day-to-day role, be sure to attend InfoSec World 2018 in Orlando, Florida.