cloud-security

Egress Filtering

Definition

Egress filtering restricts outbound network traffic from cloud workloads to only authorized destinations, preventing compromised workloads from beaconing to command-and-control servers, exfiltrating data to attacker-controlled endpoints, or facilitating SSRF attacks against external services. Cloud egress controls include VPC security group outbound rules, NACLs, Network Firewall domain-based filtering, and Kubernetes network policies with egress rules.

Egress filtering is a key defense against post-compromise data exfiltration.

Related Terms

NACLs

Network Access Control Lists

Network Policy

Kubernetes Network Policy

Security Groups

Cloud Security Groups

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product