Plixer Blog

Username reporting: NetFlow integration with Splunk

I was recently able to explore the Splunk software development kit with a customer. This helped me to implement another way to get username...

How to detect suspicious ICMP traffic

A few years ago, we added a behavioral algorithm to Plixer Scrutinizer that looked at all the flow data that was collected and determined...

How to detect a reverse SSH tunnel

Today we are going to talk about Plixer’s new Flow Analytics algorithm, Reverse SSH Shell, which has been included in the latest Plixer Scrutinizer...

STIX/TAXII for threat intelligence

What is STIX/TAXII? STIX stands for Structured Threat Information Expression, which is an open-source language and serialization format used in sharing threat intelligence. Think...

First look: Plixer’s machine learning engine explained

The purpose of this blog is to de-mystify the hype around machine learning (ML) by exploring three topics: What kind of ML is Plixer...

Returning to normal: monitoring the reintroduction of the workforce

When this pandemic started and nearly the entire workforce went remote, our focus was to maintain the quality of service outside of what was...

Enhance NetOps/SecOps collaboration with Plixer’s new collections feature

I can’t tell you how many calls I’ve been on where the NetOps and SecOps teams really don’t know what the other is doing....

How to detect bogon connections

Many ISPs filter bogon connections because bogon IP addresses have no legitimate use. If you find a bogon or bogus IP address in your...

We’ve released our biggest update ever, plus two new products

One year ago, we announced our new vision. That is, we believe that SecOps and NetOps provide value for each other, and that value...