HD Moore, creator of Metasploit, argues that organisations must abandon the assumption they can outpace vulnerability exploitation through patching alone. Zero-day exploits continue to emerge faster than patches deploy, and artificial intelligence now accelerates exploit development beyond human remediation timelines.
Moore's thesis reframes defensive strategy away from prevention toward containment. Organisations cannot control which vulnerabilities attackers discover or exploit. They can control what systems an attacker reaches after initial compromise.
Network architecture determines post-breach movement. Most organisations design networks with insufficient segmentation, allowing lateral movement across systems once attackers gain entry. Moore emphasises that teams typically misconfigure network boundaries, creating paths that let attackers traverse from compromised systems to high-value targets like databases, domain controllers, and cloud infrastructure.
The approach shifts focus from the futile race to patch everything before exploitation. Instead, organisations should map their network topology from an attacker's perspective. This includes identifying systems that sit on flat networks without segmentation, services that listen on unnecessary ports, and trust relationships that permit excessive lateral movement.
Practical steps include implementing network segmentation, restricting service-to-service communications, deploying microsegmentation for critical assets, and monitoring for lateral movement patterns. Organisations should conduct internal penetration testing to identify which systems an attacker can reach after initial compromise, then reduce that attack surface.
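The reachability mapping described above can be sketched as a graph search over allowed network flows. This is an added example, not material from the webinar; the host names, ports and allow-rules are constructed for illustration. It compares what a given foothold can reach on a flat network and under a segmented policy.

```python
from collections import deque

# Constructed inventory and allow-rules (src, dst, port); all names are hypothetical.
HOSTS = ["workstation", "print-server", "web-app", "app-db", "domain-controller", "backup"]
HIGH_VALUE = {"app-db", "domain-controller"}

def flat_network(hosts):
    """Every host may talk to every other host: no segmentation."""
    return [(s, d, "any") for s in hosts for d in hosts if s != d]

SEGMENTED = [
    ("workstation", "print-server", 631),
    ("workstation", "web-app", 443),
    ("web-app", "app-db", 5432),
    ("backup", "app-db", 5432),
    ("backup", "domain-controller", 445),
]

def reachable_paths(flows, foothold):
    """BFS over allowed flows; returns {host: shortest hop path from foothold}."""
    adj = {}
    for src, dst, port in flows:
        adj.setdefault(src, []).append((dst, port))
    paths = {foothold: [foothold]}
    queue = deque([foothold])
    while queue:
        node = queue.popleft()
        for dst, port in adj.get(node, []):
            if dst not in paths:
                paths[dst] = paths[node] + [f"{dst}:{port}"]
                queue.append(dst)
    return paths

def exposed_targets(flows, foothold, high_value=HIGH_VALUE):
    """High-value hosts reachable from a compromised `foothold`, with the path."""
    paths = reachable_paths(flows, foothold)
    return {h: paths[h] for h in sorted(high_value) if h in paths and h != foothold}

if __name__ == "__main__":
    for name, flows in (("flat", flat_network(HOSTS)), ("segmented", SEGMENTED)):
        for foothold in ("workstation", "print-server"):
            print(name, foothold, exposed_targets(flows, foothold))
```

In the segmented rule set the workstation still has a two-hop path to the database through the web application, which is the kind of residual trust relationship this mapping is meant to surface for tightening or monitoring.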
The webinar assumes the breach has already occurred. Rather than invest exclusively in preventing the breach itself, teams should assume it happens and design networks that limit damage once attackers establish footholds. This defensive posture acknowledges the reality that zero-days and supply chain compromises cannot be fully prevented, but their impact can be constrained through intelligent network design and microsegmentation.
Moore's message reflects broader industry consensus that perimeter defence alone fails. Modern defensive strategies require an assume-breach posture and a network architecture that treats internal trust with scepticism.
