How cybercriminals are using ML and how to combat it
You and I both know that AI is all the buzz today. Artificial Intelligence (AI) is quickly fueling the evolution of today’s high-octane environment. ...
All
General
Gain observability by replicating network data streams
The need for more telemetry data is real. The word observability is being used quite a bit nowadays. I see it being used in...
Plixer recognized as Most Innovative NDR vendor by Cyber Defense Magazine
Plixer has been recognized by Cyber Defense Magazine’s 2021 InfoSec Award as the Most Innovative in Network Detection & Response. This award acknowledges Plixer’s continued evolution of our industry-leading NDR platform....
Five ways Plixer Scrutinizer helps education networks
Spring is among us: warmer weather, blooming flowers, and the need to start monitoring on-campus university and school networks again now that students are...
Forensic investigation of endpoints using NetFlow
This blog will go over how to use some of the features in Plixer Scrutinizer v19.0, such as the host index and IP groups...
How can I load balance my NetFlow traffic across multiple collectors?
Do you find that you are constantly modifying NetFlow configurations to balance collector workloads? The latest release of Scrutinizer introduces an option to load balance...
Tracking the SUNBURST exploit with metadata
Updated: 1/6/2021 On 12/13/20, cybersecurity company FireEye published research for the SUNBURST exploit, which is affecting companies using SolarWinds software. Since the news broke,...
Inspecting encrypted traffic with JA3 and JA3S fingerprinting
Two years ago, I wrote a blog about tracking malware in encrypted traffic. The overall theme of that blog was that encryption has become...
Plixer Scrutinizer new UI changes
With the newest release of version 19.0.0, I’d like to go over how Plixer Scrutinizer’s UI has changed to make finding data easier. There...
Detecting RDP attacks with NetFlow and metadata
An ever increasing attack vector in the healthcare industry are attacks against open or unsecured RDP connections that allow a bad actor to gain...