Walker<p>When can we declare IP Geo location / country code blocking practically dead as a mitigation strategy?</p><p>Sure it is still useful blocking script kiddies from Iran and other low hanging fruit, but do any serious APT crews actually launch attacks from their home country anymore? </p><p>With the use of zero trust, distributed attack and delivery networks (looking at you Cloudflare), and VPN usage country blocking feels less useful than in the past. </p><p><a href="https://infosec.exchange/tags/zerotrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>zerotrust</span></a> <a href="https://infosec.exchange/tags/geoblocking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>geoblocking</span></a> <a href="https://infosec.exchange/tags/apt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apt</span></a> <a href="https://infosec.exchange/tags/scriptkiddie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptkiddie</span></a> <a href="https://infosec.exchange/tags/networksecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networksecurity</span></a> <a href="https://infosec.exchange/tags/cloudflare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudflare</span></a></p>