Network security is described as the implementation of technologies, processes, and protocols designed to safeguard an organization’s communications and information.
Read moreCategory: Security Operations
Detect abnormal lateral network traffic using machine learning and NetFlow
Posted on - by Scott
In a previous blog I introduced you to the malware detection capabilities of Plixer’s intelligence product. I would like to circle back to some information shared in that blog to talk about its ability to detect behaviors like lateral movement across the LAN segments of the network related to data accumulation.
Before I get started, I want to talk about strategies used for network visibility and why flow technologies should be at the top of the list.
Read moreMalicious links and how to find them
Posted on - by Joanna Buckley
It can happen to anyone, even the most seasoned of network security personnel. You can be searching for something on Google, see a seemingly innocent link that looks like exactly what you’re looking for, and click it. Next thing you know, your computer screen is flashing with a message that says your computer is infected and you need to call the following number ASAP. If this does happen in your office, don’t worry: we can help.
Read moreTuning DDoS and DRDoS flow analytics to your environment
Posted on - by Dylan Mclaughlin
As more and more devices are added to the internet, a larger swath of insecurity comes with them. Botnets and compromised devices are the main sources of headache for attacks on infrastructure, with Distributed Denial of Services attacks becoming a major tool for the bad actors to break systems or cover their tracks during an operation. Plixer Scrutinizer provides a method for alarming on these attacks in real time.
Read morePackets vs. flow/IPFIX: The effort to reduce dwell time
Posted on - by James Dougherty
When we hear about a cyberattack these days, there’s often a reference to when the network was originally compromised. In recent years, the need to determine how long that compromise was on the network, who else was involved, and how you’re going to gain this visibility has moved to the forefront of the SecOps team’s needs.
Read moreMalware detection using machine learning and NetFlow
Posted on - by Scott
Last year Plixer released version 19 of Scrutinizer, and with it came the introduction of Plixer Security Intelligence, our machine learning appliance.
The ML appliance learns and establishes what is normal in network traffic behaviors across hundreds of data models. When Scott’s PC reaches out to an application that he has never touched, or exhibits out-of-the-ordinary traffic behaviors, that activity is flagged and alarmed on.
Read moreFinding threats with host index
Posted on - by Dylan Mclaughlin
Imagine someone walks up to your desk and asks a very simple question: has this IP address been seen on our network? This could be a potentially difficult question to find an answer to, especially with any confidence. Plixer Scrutinizer allows you to provide a definitive answer to whomever is asking.
Read moreNetwork Detection and Response (NDR): What does it mean?
Posted on - by Stephen Tutterow
What is NDR?
This blog will focus on the hottest 3-letter acronym of 2020 & 2021—NDR. Network Detection and Response solutions must address an expanding list of non-malware threats that revolve around data exfiltration, lateral movement, and targeted user attacks. Teams must deploy solutions that learn and adapt to new patterns in real time to ensure they stay vigilant in this changing threat landscape. Plixer Scrutinizer allows network and security operations teams to address both sides of a problem within a single interface.
Read moreNetwork traffic demands of the post-pandemic era and how to manage them
Posted on - by James Dougherty
Gartner just posted their worldwide spending forecast report for the first quarter of 2021 and it looks positive. Clearly, the experts will continue to argue about the economic pressure that has been choking parts of the global economy and whether it’s losing its strength, but from Gartner’s perspective, it looks like we’ll see growth in all IT spending.
Read moreWhy and how to export a violator list for DDoS mitigation
Posted on - by Scott
The need to detect and mitigate denial-of-service attacks is nothing new to network and security administrators. DoS attacks on enterprise networks have been occurring for years.
Read more