In this session, Tod Beardsley (runZero) is joined by Jared Atkinson (SpecterOps), Zakir Durumeric (Censys), and HD Moore (runZero) to discuss the complexities of modern attack surfaces, focusing on the perimeters and pathways that connect internal networks to the global internet. The experts highlight that the traditional idea of a single, well-defined network perimeter is obsolete, replaced by a satellite model of thousands of cloud accounts, remote control systems, and data-sovereignty-compliant providers. Zakir emphasizes that the network infrastructure itself — including firewalls, VPNs, and LTE modems — has become a prime target for initial access, blurring the line between internal and external assets.
The discussion moves into the pathways attackers take once they gain initial access, with Atkinson detailing how BloodHound maps identity-based attack paths through systems like Active Directory, Okta, and GitHub. He explains that by layering network infrastructure data from runZero with identity graphs, defenders can identify non-obvious 4D pathways to high-value targets. HD Moore adds that satellite hunting from the inside — fingerprinting internal TLS services and searching for matching hashes on the public internet — reveals hidden connections and misconfigurations, such as management ports exposed to guest wireless networks, that completely bypass intended segmentation.
Meet Our Speakers
todb
VP of Security Research, runZero
HD Moore
Founder & CEO, runZero
Jared Atkinson
Chief Technology Officer, SpecterOps
Get the latest news and expert insights delivered in your inbox.
