Uber Did It To Taxis, AirBnB Did It To Hotels, Could External Cloud DMZ Models Do It To IT and InfoSec? The perimeter is open: Swiss cheese firewalls, compromised endpoints, vulnerable URLs, malware and ransomware... Things that make pentesting reasonably easy... What if this all goes away in a new design model that truly limits movement based on simple principles: requiring two-factor authentication from everyone, allowing only whitelisted application connections, and enabling firewall rules that drop all other inbound and outbound traffic? Sounds like a pentester's nightmare? Welcome to your future.
Carl is an eternal security soldier from another world who loves breaking stuff, watching systems burn to the ground, sampling aged Kentucky creek water, and laughing in the face of pain and stress. Teaching security is painful; we need to keep it simple, helping others to rise from the ashes more knowledgeable and secure. 10000 binary years in the security industry, reluctant CCSP/GSTRT.