Illumio announced new enhancements to Illumio Insights that fundamentally expand how lateral movement risk is exposed and mitigated, anchored by the introduction of Network Posture. By further enriching its AI security graph, Illumio now delivers system-wide, real-time visibility across hybrid, multi-cloud, and OT environments, surfacing end-to-end attack paths and showing where risk must be prioritized and mitigated. In an era where AI agents traverse enterprise infrastructure autonomously and at machine speed, the ability to see and control lateral movement has become existential.
Network Posture analyzes live network traffic, policy intent, and enforcement alignment against industry security frameworks to identify where lateral movement risk exists — including exposures that may not yet be actively exploited. By correlating these findings with application and business context, teams can prioritize breach containment and segmentation decisions based on real, system-level risk rather than static assets or point-in-time assessments. Network Posture also provides continuous measurement of security posture across hybrid environments, supporting clear reporting on maturity and alignment with frameworks such as NIST CSF, PCI DSS, SOC 2, and DORA based on how the network is behaving.
“Most security failures happen because teams don’t understand how things are connected,” said John Kindervag, Chief Evangelist at Illumio. “Attackers exploit relationships, not individual assets. If you can’t see how traffic flows throughout your environment, you can’t see the attack and contain the breach. We’re approaching an ‘AI event horizon’ in cyber, where the attacker advantage becomes nonlinear, and defenders can’t keep up by chasing alerts alone. When prevention and detection fall short, the last line of defense remains breach containment.”
The company also announced:
Expanded context for OT environments
Extends risk analysis beyond traditional IT infrastructure by incorporating OT system inventory, context, and traffic. By enriching attack path analysis with OT visibility through integrations such as Armis, teams gain a clearer understanding of exposure and can prioritize containment and segmentation decisions based on real operational risk across their entire interconnected OT and IT environments.
Agentless data center visibility and segmentation across hybrid environments
Delivers agentless visibility into private data centers to expose lateral movement risk and attack paths across on-prem and cloud environments, and connects those insights directly to enforcement through integrations with Fortinet, Check Point, and other leading firewalls. This makes prioritizing breach containment easier and gives customers greater flexibility in doing so.
Accelerated SOC investigation and response
Shifts SOC investigations from isolated alerts to attack path awareness by correlating identity, vulnerability, and traffic relationships across the environment. Analysts can see how activity propagates through the system and act on the paths that pose the greatest risk – directly within existing SIEM and ticketing workflows.