Re: bad example
You can also do E-W security with an overlay network. I work on an open source one which does this. In fact, you can embed it in an app using an SDK and not even trust the host OS network.
3 publicly visible posts • joined 13 Jan 2022
If we embed private, zero trust connectivity embedded into applications and systems using open source components then we can close all inbound ports while ensuring transparency to users. This disrupts the Reconnaissance and Initial Access Tactics (as defined by MITRE ATT&CK) of malicious actors as well as restricting lateral movement - external network-level attacks (CVE or zero day exploit, DDoS, brute force etc) become all but impossible.