The Segmentation Illusion
Most security teams operate under a comfortable assumption: critical systems are safely isolated behind firewalls or on dedicated segments, preventing a minor foothold from becoming a full-scale disaster. However, this belief often crumbles under real-world network mapping. Devices connected to multiple networks simultaneously can quietly bridge zones meant to be separate. Unregistered equipment may respond on segments it should not access, while entire groups of machines hide behind industrial protocol gateways, invisible to standard scanners but reachable by anyone familiar with the gateway’s presence. None of these omissions appear on official asset lists, yet all of them create pathways that bypass intended controls.
Attackers Read Paths, Not Lists
Traditional inventory management produces a static catalog of owned assets. Attackers, by contrast, focus on connectivity paths, tracing how one compromised foothold can reach the next until they land on something valuable. The gap between these two views represents the portion of your network that remains unseen and exploitable. HD Moore, the creator of Metasploit and current CEO of runZero, will demonstrate how to identify these hidden assets and connections during a live session. The presentation covers finding unsanctioned IT, shadow IoT devices, and sub-assets behind OT protocol gateways, as well as detecting multi-homed devices that break segmentation defenses.
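The difference between a list view and a path view can be shown with a small graph search over interface data. This is an added example, not part of the original article or any vendor tooling; the device names, segment names and function names are constructed for illustration.

```python
from collections import deque

# Constructed sample data: device -> segments on which it has an interface.
INVENTORY = {
    "web-01": {"dmz"},
    "jump-host": {"dmz", "corp"},
    "hr-laptop": {"corp"},
    "hvac-ctrl": {"corp", "ot"},   # multi-homed, bridges corp and OT
    "plc-gateway": {"ot"},
    "backup-nas": {"storage"},
}

def multi_homed(inventory):
    """Devices with interfaces on more than one segment."""
    return {dev: sorted(segs) for dev, segs in inventory.items() if len(segs) > 1}

def bridge_path(inventory, start, target):
    """Shortest chain [segment, device, segment, ...] from start to target, or None."""
    prev = {start: None}          # segment -> (previous segment, bridging device)
    queue = deque([start])
    while queue:
        seg = queue.popleft()
        if seg == target:
            path = [seg]
            while prev[seg] is not None:
                seg_before, dev = prev[seg]
                path[:0] = [seg_before, dev]
                seg = seg_before
            return path
        for dev in sorted(inventory):
            if seg in inventory[dev]:
                for nxt in sorted(inventory[dev]):
                    if nxt not in prev:
                        prev[nxt] = (seg, dev)
                        queue.append(nxt)
    return None

def bridges_to_review(inventory, start, target):
    """Multi-homed devices whose removal leaves no path from start to target."""
    if bridge_path(inventory, start, target) is None:
        return []
    return [dev for dev in sorted(multi_homed(inventory))
            if bridge_path({d: s for d, s in inventory.items() if d != dev},
                           start, target) is None]

if __name__ == "__main__":
    print("multi-homed:", multi_homed(INVENTORY))
    print("dmz -> ot:", bridge_path(INVENTORY, "dmz", "ot"))
    print("review:", bridges_to_review(INVENTORY, "dmz", "ot"))
```

A flat inventory of these six devices shows nothing wrong; the path search shows that the OT segment is two bridging devices away from the DMZ.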
Source: The Hacker News

