Segmentation and Access Control (Domain 2)
Network segmentation and access control are two of the most powerful tools for limiting the scope and impact of an attack, especially once a threat actor gains initial access. In this episode, we explore how breaking a network into smaller, controlled zones using VLANs, firewalls, or microsegmentation techniques can contain intrusions and prevent lateral movement. We also delve into access control models that enforce least privilege—ensuring that users, devices, and services only have the access absolutely necessary for their role or function. Techniques like access control lists (ACLs), policy-based controls, and identity-aware proxies give organizations the ability to enforce granular restrictions and gain visibility. Segmentation isn’t just about making networks smaller—it’s about building intentional walls where none existed before, limiting the damage that any single compromise can do. These controls turn a flat network into a layered one, forcing attackers to fight for every step.
