We’ve reached our last roundup post of the year (and the decade!). This quarter’s interesting articles included yet another example of tech meant to protect children endangering them instead; how we’ve all trained AI for years without realizing it; a truly bizarre solution for poor user-chosen passwords, and more.
2019 is flying by fast, and there were many developments in cybersecurity during the third quarter. From the rise of deepfakes and AI to the controversy over extended validation—read on to get yourself up to date on the most interesting news and ideas in cybersecurity.
Corporate data theft is nothing new. In fact, according to a study conducted by McAfee, “[a] majority of IT professionals have experienced at least one data breach during their careers—61% at their current company and 48% at a previous company.” This is an alarming reality, but it’s one that we can understand better to prevent future data breaches.
In this industry, I’ve seen a common trend of buying best-in-breed solutions that are built for one or a few things instead of jack-of-all-trades solutions. While I believe this idea is generally a good one, it often leaves end users with the task of learning multiple interfaces and using only a fraction of the product they purchased. As a sales engineer at Plixer, part of my role is working with customers to streamline their workflows using not just our solution, but others they have purchased as well. This blog will go over a couple of types of integrations that we have and will hopefully spark something that you can use on your network.
The requirements of GDPR can be vague sometimes. I have had quite a few of my customers ask how we help companies with questions about GDPR compliance. Here are the three Scrutinizer abilities that they found to be the most valuable.
Limiting Users’ Views and Abilities
In Bob Noel’s post, “Three GDPR Requirements That Will Have a Big Impact on Your Organization,” the section on role definitions appears to be the most relevant to Scrutinizer.
Limiting what a user can see in Scrutinizer is relatively easy. Just click on Admin (1) > Security (2) > Users. Here, you can create users and define what group permissions (3) they have. You can also determine which authentication engine is used.
Under the User Group option, you can limit what members of that group can see.
The ability to limit what that user can see
Data Protection Officers can use Scrutinizer’s filtering engine, report designer, or IP groups to hide non-local host information from the user (or vice versa). This prevents network administrators from being able to visualize the remote hosts a local host is talking with. This hides sensitive information such as the site being contacted, but it allows you to keep an eye on the local network activities (i.e. those that are under your administrative domain).
As mentioned in the GDPR post by Bob Noel, being able to report on who has access to Scrutinizer and what they did is one of the requirements. If you click on Admin > Security > Audit Reporting, you can view and filter the audit logs.
In addition, the syslog server settings (Admin > Settings > Syslog Server) tell Scrutinizer to forward all internal alarms to an external syslog server/SIEM. For GDPR compliance, select the “Forward Access Log” option. That will provide a full account of all user actions, reports run, and filters applied in Scrutinizer.
Right to erasure
GDPR requires that at any time, a user can ask that any information on them be deleted from the database. The administrator of Scrutinizer can delete information from the Scrutinizer database via SQL command line. We are investigating ways to provide a simple way to do this via the GUI or possibly command line.
If your requirements include improving your network monitoring posture, gaining deeper visibility, and meeting GDPR compliance, but you don’t know where to start, why not evaluate Scrutinizer?
Enterprises are seeking proactive approaches against potential breaches in their network and prefer passive approaches to detect vulnerabilities. But as technology evolves and becomes more complex, enterprises face challenges adhering to IT compliance standards. With limited visibility, SecOps can’t perform threat forensics and help their organization maintain compliance.
A large-scale DNS hijacking campaign called ‘Sea Turtle’ has been spreading across more than 13 countries. With our FlowPro Defender, you can monitor your organization’s DNS activity.
Virtualization offers many benefits to organizations. But at the same time, you’ll have to figure out how to monitor your virtual environment, because a lack of visibility can cause many problems. This blog will cover how organizations can use Scrutinizer to take full advantage of a virtual environment without the accompanying challenges.
I spent a lot of time talking to customers at RSA 2019 and a message that resonated with a lot of them was using your network as a sensor. I believe this is because SOC analysts often dig through log data or full packet capture—but then overlook network metadata because it isn’t available to them or they don’t know how to properly use it. This blog will give you a high-level view of what you might be missing out on by not collecting and analyzing network metadata such as IPFIX/NetFlow.