SIEM Market Misrepresenting Their Security Value

If you think that your company’s SIEM is a reasonably good solution for detecting intrusions, you’re probably less safe than you think. SIEMs rely...

Exchange Monitoring Tool

My colleague Jake recently wrote about Disaster Recovery Monitoring, and about how our Incident Response System, using IPFIX/NetFlow, is more helpful than tools that...

Flow Directionality Support : Part 1

When the security team identifies a suspicious activity, they often turn to NetFlow or IPFIX first to gain insight into how the bad actor...

vSphere Configure Netflow

Today we are going to take a look at how to configure NetFlow so that you can gain visibility into your vSphere virtual distributed...

Security Vendors Teaching Bad Actors How to Get Past Firewalls

It’s hard to believe, isn’t it? Our security vendors (e.g. McAfee, SonicWALL and others) are using the same tactics as malware to extract information...

Cyber Incident Response Plan (Part 2)

In my previous blog, I talked about the value of having a cyber incident response plan.  An important factor in a plan like this is having...

Overview of DNS Protocol : Part 3 of 3

Make sure you read Part 1 of Overview of DNS Protocol before reading this one or you can go back to part 2. At...

NetFlow Security Monitoring

When you hear NetFlow/IPFIX, what is your first thought? For most people, their first thought will be “NetFlow’s great for performance...

Overview of DNS Protocol : Part 2 of 3

This is part 2 of our 3 part series which provides an overview of the DNS protocol.  Below are a few other terms you may have...