Earlier this year I worked on a document that addressed some of the common misconceptions about Scrutinizer. One of the subjects that caught my attention was Scrutinizer’s ability to mitigate insider threats. Honestly, I really wanted to dig deeper on all the … [Read more...] about Three Strategies to Catch and Stop Insider Threats
Although the concepts of artificial intelligence and machine learning are not new, they have recently garnered mainstream attention. As is normal in the technology space, the initial hype makes it sound like a panacea and cybersecurity vendors are scrambling … [Read more...] about What is Machine Learning: The Hype, the Promise, and the Reality
Data silos, while common, are huge sources of inefficiency in any department or organization. This problem is exacerbated in IT, where any loss of time can incur huge costs. This blog will discuss, from the perspective of NetOps and SecOps, what data silos … [Read more...] about What is a Data Silo and Why is It Bad for Your Organization?
In today’s digital world, nothing is safe. Just today I came across this post that talks about hackers attacking network printers. It’s not far-fetched to think that your printers are a major cyberattack vector, but how can this type of attack affect your … [Read more...] about Network Security Concerns: They’re Attacking My Printers Now?
User attribution is one of the things I’m asked for most frequently by customers who are looking at network traffic analytics. The use case is quite simple. In a DHCP environment it can be really cumbersome to see who was actually logged in to a machine when … [Read more...] about Username Reporting – NetFlow Integration with ForeScout CounterACT
During our incident response training conducted all over the world, we work with security professionals to identify various trends related to how malicious actors persist and move within a compromised organization. Once the patient zero has been compromised, … [Read more...] about How to Monitor Lateral Movement with NetFlow
Why should your endpoints be an important part of your network security strategy? Because even though they are out in the wild, endpoints are part of your network! We really should stop viewing endpoint devices as being separate from the rest of the network. … [Read more...] about More on Endpoint Visibility: Mobile Security and Your Network Security Strategy
Cybersecurity is never easy, but maintaining a secure small business network is arguably even harder because the IT team has far fewer staff. Even high-stakes networks, such as in hospitals or schools, are often managed by a single person. In situations like … [Read more...] about How to Maintain a Secure Small Business Network (Even When You Work Alone)
Earlier today, the newest Distributed Denial of Service attack vectors, such as memcached and CLDAP, came up during a customer’s training session. It sparked quite a few interesting discussions, and I was asked if we could monitor CLDAP traffic with NetFlow. … [Read more...] about How to Monitor CLDAP Traffic with NetFlow
Microsegmentation refers to the use of software to secure traffic between virtual machines (VMs) within virtualized data centers. Virtualization has increased organizations’ agility and efficiency while reducing cost. The ease and speed at which new applications … [Read more...] about Three Microsegmentation Challenges Facing NetOps and SecOps