Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and “patch everything in time” stopped working years ago. Stop betting the org on winning that race. You don’t control which bug lands. You control what it can reach once it does.
That is a question about the shape of your network, and most teams have the shape wrong. HD Moore, creator of Metasploit and now CEO of runZero, spends the session showing you that shape from the attacker’s side.
Save your seat for a LIVE session, or register, and we will send you the recording.
The segmentation you think you have
The comfortable assumption: critical systems sit behind a firewall or off on their own segment, so a foothold over here cannot become a disaster over there. Call it the segmentation illusion. It holds until someone maps the network for real.
Then the seams show up. A device wired into two networks at once, quietly bridging the zones you meant to keep apart. Connected gear nobody registered, answering on a segment it should not be on. Whole sets of machines hiding behind an industrial protocol gateway, invisible to your scanner, reachable by anyone who knows the gateway is there. None of it is on the asset list. All of it routes around the control you were counting on.
Inventory is a list. Attackers read a map.
You keep an inventory, a static list of things you own. An attacker does not care about your list. They care about paths: how one foothold reaches the next, until it lands on something that hurts. The two views rarely match, and the difference is exactly the part of your network you cannot see and they can. Moore built Metasploit, the framework half the industry learned offense on, and now runs the company whose whole job is finding the assets and connections organizations don’t know they have.
What you leave able to do
- Find the assets you don’t know you have. Unsanctioned IT, shadow IoT, and the sub-assets behind OT protocol gateways where your scans never look.
- Find the bridges that break segmentation. The multi-homed devices and forgotten assets connecting zones you believed were isolated.
- See the paths, not just the parts. Trade static inventory for live attack-path mapping that shows how a foothold actually travels.
- Fix the few things that matter. Focus remediation on the assets and links that shorten an attacker’s route to impact.
Corporate network, factory floor, or both tangled together: if IT, IoT, and OT share your environment, the seams between them are where this goes wrong. See your network the way an attacker already does, before they do.
