Network segmentation has been around for a while and is one of the core elements in the NIST SP 800-207 Zero Trust framework. Although network segmentation reduces the attack surface, this strategy does not protect against adversary techniques and tactics in the identity phases in the kill chain.

The method of segmentation that provides the most risk reduction, at reduced cost and operational complexity, is identity segmentation.

Download this white paper to:

• Get an overview of network segmentation and identity segmentation
• Understand the pros and cons of network segmentation
• Know CrowdStrike’s approach to identity segmentation