microsegment.io

segment all the things

Your Identity Provider Needs a Containment Boundary

When the signing key is the credential, MFA is no longer the control

Mandiant's new AD FS research shows why federation servers belong inside a Tier 0 containment boundary, with tightly governed management paths, explicit dependencies, and an incident plan built around signing-key compromise.

The ATT&CK Segmentation Layer Is Now Updated to v19.1

The mapping stayed stable. The lesson did not get smaller.

The microsegment.io MITRE ATT&CK Network Segmentation Navigator layer has been refreshed to ATT&CK v19.1. The mappings stayed stable, and that stability says something useful about reachability, lateral movement, and containment.

What Good L3/L4 Policy Can Actually Do

A 2026 reassessment of MITRE ATT&CK, network segmentation, and practical microsegmentation

MITRE ATT&CK maps network segmentation to dozens of adversary techniques. This article reassesses what disciplined L3/L4 policy and microsegmentation can realistically do, where they help most, and where they stop.

Voice Infrastructure Needs Containment, Too

Cisco Unified CM exploitation is a reminder that communication platforms are high-trust infrastructure

Cisco Unified CM CVE-2026-20230 shows why voice and collaboration systems need microsegmentation, management-plane isolation, and clear blast-radius boundaries before compromise turns into lateral movement.

Mythos, Microsegmentation, and the Collapse of the Exploit Window

When AI finds vulnerabilities faster than organizations can patch, containment becomes strategy

Anthropic's Project Glasswing and Claude Mythos Preview show what happens when vulnerability discovery accelerates. This article explains why microsegmentation matters for both proactive blast-radius reduction and reactive containment when the exploit window collapses.