Because IP addresses describe location, not identity, and location changes faster than most policy lifecycles. In hybrid environments, workloads move, service accounts persist, and static allow rules quickly become stale. When policy no longer matches runtime behaviour, lateral movement can occur through paths the team believes are isolated.
Why This Matters for Security Teams
IP-based microsegmentation is attractive because it looks precise, but it secures network locations rather than the workloads and identities actually making requests. In hybrid and ephemeral environments, that assumption breaks quickly: containers restart, pods reschedule, autoscaling shifts addresses, and service-to-service traffic continues under the same identity even as IPs change. The result is policy drift, blind spots, and a false sense of containment.
For lateral movement, the practical failure is not that segmentation exists, but that it is anchored to a control plane that rarely matches runtime reality. MITRE’s MITRE ATT&CK Enterprise Matrix shows how adversaries chain discovery, credential access, and internal movement once they land. NHIMG’s 52 NHI Breaches Analysis reinforces the same pattern: attackers repeatedly abuse identities and secrets, not just network paths. In practice, many security teams discover segmentation gaps only after a compromised workload has already used legitimate east-west access to reach something valuable, rather than through intentional testing of real attack paths.
How It Works in Practice
IP rules fail when teams confuse reachability with trust. A rule that allows traffic from one subnet to another does not prove the caller is a known workload, a permitted service account, or even the same application instance that was approved yesterday. Once an attacker steals a token, API key, or service credential, the traffic may appear indistinguishable from legitimate movement because the network sees an allowed source and destination pair.
Current guidance suggests treating workload identity as the primary control and IP as a secondary signal. That means binding access decisions to cryptographic identity and runtime context, then evaluating policy at request time rather than precomputing static allowlists. Frameworks such as zero trust emphasize this shift, and NIST Zero Trust Architecture is explicit that location should not be the basis for trust. For implementation patterns, identity-centric platforms such as SPIFFE align better with ephemeral workloads because they identify what the workload is, not where it happens to run.
- Use short-lived workload identities instead of long-lived IP allow rules.
- Bind service access to identity, service account, and policy context.
- Re-evaluate permissions when pods, hosts, or nodes change.
- Log east-west requests with identity metadata, not only source IPs.
NHIMG’s Storm-2949 Azure Breach and TruffleNet BEC Attack — Stolen AWS Credentials both illustrate how once an identity is compromised, lateral movement often follows trusted paths that network controls were never designed to distinguish. These controls tend to break down when workloads are highly ephemeral and identity metadata is not propagated end to end, because the network can still see an “approved” IP path even after the approved workload has changed.
Common Variations and Edge Cases
Tighter segmentation often increases operational overhead, requiring organisations to balance reduced blast radius against policy churn and troubleshooting complexity. That tradeoff is especially visible in Kubernetes, multi-cloud, and service-mesh environments, where IPs are transient and ownership changes rapidly. In those settings, an IP rule may be technically correct for a few minutes and wrong by the time it is reviewed.
Best practice is evolving toward layered controls: identity-aware policy, ephemeral credentials, and automated policy reconciliation. There is no universal standard for this yet, but the direction is clear. Static subnet boundaries still have value for coarse isolation, compliance scoping, and legacy systems, but they should not be treated as a lateral movement control on their own. For high-risk zones, combining network restrictions with workload identity, device posture, and runtime authorization is more effective than IP alone.
NHIMG’s DeepSeek breach is a useful reminder that exposure often begins with identity and secrets, then expands through whatever trusted paths remain open. The hard edge case is legacy east-west traffic between monoliths and unmanaged hosts, where identity signals may be incomplete and teams are forced to rely on network controls until the application can be modernized.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10, OWASP Agentic AI Top 10 and CSA MAESTRO address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-04 | IP-based rules fail when NHI trust is tied to location instead of identity. |
| OWASP Agentic AI Top 10 | A-07 | Autonomous workloads can pivot laterally when static controls miss runtime intent. |
| CSA MAESTRO | MA-02 | MAESTRO emphasizes identity and runtime controls for distributed AI and service flows. |
| NIST CSF 2.0 | PR.AC-4 | Least privilege must be enforced on access paths, not just network segments. |
| NIST Zero Trust (SP 800-207) | SC-7 | Zero trust rejects location-based trust and fits ephemeral workload environments. |
Map east-west access to least-privilege rules and review them against runtime behavior.
Related resources from NHI Mgmt Group
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on July 10, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org