Upcoming Webinar: Modern Network Threat Detection and Response

Here is my next Gartner webinar; this one is focused on network traffic use for detection and response.
Title: Modern Network Threat Detection and Response
Date: January 29, 2019
Time: EST: 11:00 a.m. | PDT: 8:00 a.m. | GMT: 16:00
Register: h…

Is Encryption an NTA / NIDS / NFT Apocalypse?

Here is a funny one: does pervasive traffic encryption KILL Network Traffic Analysis (NTA) dead? Well, OK, not truly “kill it dead,” but push it back to 2002 when it was called “N-BAD” [“a coincidence? I think not”] …

Why You Should Start Leveraging Network Flow Data Before the Next Big Breach

One of the most crucial types of information for threat detection and incident response is network flow data, which has several unique properties that can help security analysts uncover attacks.

The post Why You Should Start Leveraging Network Flow Data Before the Next Big Breach appeared first on Security Intelligence.


NTA: The Big Step Theory

Let’s come back from the world where the endpoint won the detection and response wars to this one. As we are ramping up our NTA (but, really, broader NDR for network-centric detection and response) research, one mystery has to be resolved. What mo…

Network Anomaly Detection Track Record in Real Life?

As I allude here, my long-held impression is that no true anomaly-based network IDS (NIDS) has ever been successful commercially and/or operationally. There were some bits of success, to be sure (“OMG WE CAN DETECT PORTSCANS!!!”), but in to…

Joe McManus, Automox – Enterprise Security Weekly #98

Joe McManus is an expert and industry advisor in the field of information security. He currently serves as the CISO of Automox, provider of cloud-based, cross-platform patching software. He is also a senior researcher at CERT, part of the Software Engi…

NetworkMiner 2.3 Released!

The free and open source network forensics tool NetworkMiner now comes with improved extraction of files and metadata from several protocols as well as a few GUI updates. But the biggest improvements for version 2.3 are in the commercial tool NetworkMi…

How an Effective Incident Response Plan Can Help You Predict Your Security Future

An incident response plan and thorough analysis of historical threat data can help security teams predict how fraudsters might breach their networks.

The post How an Effective Incident Response Plan Can Help You Predict Your Security Future appeared first on Security Intelligence.


Smart Forensics for the Internet of Things (IoT)

The expanding Internet of Things brings new attack vectors, and cybersecurity experts will need new methods of incident response and forensics to keep up.

The post Smart Forensics for the Internet of Things (IoT) appeared first on Security Intelligence.
