Even before we started Zero, we understood that certain ports should never be statically open. Ports such as RDP, SSH, WMI, RPC, WINRM and more are just too dangerous, and are all too common targets for attack campaigns used to spread ransomware. We thought, if we can keep ports closed and only open them after strong multi-factor authentication (MFA), then attackers will have virtually nowhere to go – no ability to move laterally. This became the foundation of our network segmentation solut...
