After reviewing the SANS Top-20 2007 Security Risks, I started asking myself and the rest of our security team how the behavior analysis features of Flow Analytics accurately detect such Internet threats. This is especially important as these concerns are constantly changing, making it difficult to stay on top of topics such as the latest on Conficker.

Back to security basics
We decided to go back and answer the question “What is computer security?” We pretty much agreed that it is the unauthorized use – even if only attempted – of any computer. We then asked “How do we assist companies in this area?” We all agreed that our solution detects problems that have already gotten past traditional security practices such as antivirus software on desktops, firewalls and intrusion detection systems.
Who is watching for strange behaviors?
I think everyone would agree that infected machines will make it onto the network. Our goal is to detect, flag and even stop host behaviors that could cause problems locally or for other hosts on the network.
Related read: Downadup/Conficker Worm caught by using Flow Analytics, NetFlow Analyzer