Blocked Lateral Movement and Controlled Every Network Identity

Challenge

Evercore needed a way to shut down lateral movement across a complex, high-value financial environment without adding operational friction or deploying intrusive agents. Traditional approaches – manual access controls, privileged group clean-up, and network segmentation via firewalls – required an extraordinary amount of effort and still left exploitable internal pathways open.

Identity governance introduced its own challenges: too many privileged users, too much implicit trust, and no practical way to enforce consistent, least-privilege access across devices, locations, and workflows. In a sector where audit scrutiny is intense and attackers are sophisticated, Evercore needed a fundamentally different approach to controlling movement inside the enterprise.

Solution

Evercore selected Zero Networks as a cornerstone technology to unify network segmentation and identity-based access controls in a single, automated platform. Zero Networks automatically learned legitimate communication patterns across servers, workloads, and users – then enforced least-privilege access by default, closing unnecessary pathways that attackers rely on. All privileged access now requires MFA, allowing Evercore to tell auditors, “It doesn’t matter who’s in the domain admin group – they can’t do anything without two-factor.”

Result

We had six findings in our penetration test, and every one of them would have been prevented or mitigated with Zero Networks. There’s not one other product we have that could have come close... Zero Networks is a cornerstone piece of security technology. You can’t take a piece of Palo Alto and a piece of CrowdStrike and get what Zero does.

Chris Turek, CIO, Evercore

With Zero, Evercore achieved military-grade security without restricting how employees work, where they work, or the devices they use. Lateral movement is instantly contained, privileged access is tightly enforced through MFA, and identity segmentation extends Zero’s value even further. Zero's ease of deployment and management has won the platform a leading role in Evercore’s next-generation security architecture – a true cornerstone platform that simplifies network and identity control.