Illumio has announced new enhancements to its Illumio Insights product, including a capability it calls Network Posture, aimed at giving organisations a broader view of lateral movement risk across hybrid, multi-cloud and operational technology (OT) environments.
The company said the updates are designed to shift breach containment from protecting individual workloads to assessing risk across connected systems, with the goal of identifying end-to-end attack paths and informing where segmentation and containment controls should be applied.
According to Illumio, Network Posture analyses live network traffic alongside policy intent and enforcement alignment, and maps the results against security frameworks to identify potential lateral movement exposures, including those not yet actively exploited. The company said this can be used to support reporting on posture and maturity against frameworks including NIST CSF, PCI DSS, SOC 2 and DORA, based on observed network behaviour.
John Kindervag, Illumio’s chief evangelist, said poor visibility into system connectivity is a common factor in security failures. “Attackers exploit relationships, not individual assets,” Kindervag said in a statement. He added that breach containment remains important when prevention and detection controls fail.
Dr. Chase Cunningham (DrZeroTrust) said organisations should focus on measurable outcomes rather than accumulating tools. He pointed to containment speed and limiting attacker movement as key metrics as threats evolve, including those involving agentic AI.
Illumio also announced expansions in three areas: added context for OT environments; agentless visibility for private data centres across hybrid environments; and features intended to speed SOC investigation and response by correlating identity, vulnerability and traffic relationships and surfacing attack paths within existing SIEM and ticketing workflows.
