Group-Based Policy Analytics

October 26, 2020


Giving SecOps a New Weapon with Security Group Access Control Lists

4 min read

Segmenting networks using Security Group Access Control Lists (SGACL) reduces the threat surface by limiting the reach of attacks in east-west traffic to within segments. By sending the permit and deny logs generated by the SGACLs to SIEM applications, SecOps can analyze and correlate them with indicators of compromise generated by other security appliances.