Featured Posts

An alert touches multiple segments of the network, representing the challenge to reduce false positives
Deep Network Observability

How to Reduce False Positives with Shared Context

False positives are rarely caused by too many alerts, but by missing context. Let’s say a spike in outbound traffic shows up in the firewall logs. Around the same time, ...

Read More
Magnifying glass on top of a diagram that looks like both a fingerprint and a network, representing end-to-end network troubleshooting
Network Operations

Why Most Performance Investigations Start in the Wrong Place

A padlock silhouetted against a dark background, surrounded by a spray of white particles, representing password spraying detection.
Security Operations

What Password Spraying Looks Like in Raw Network Telemetry

All Posts

Network Operations

Cisco ASA Cyber Threat Defense: Part 2

The Cisco ASA is a great tool for Cyber Threat Defense. In part one of this blog I described

Read More
Security Operations

Cisco ASA Internet Threat Defense Solution Webcast

In our February 14th webcast, we will present how the Cisco ASA NSEL exports are used to detect network

Read More
Security Operations

Intrusion Prevention : Protect Intellectual Property!

Today’s threat detection and intrusion prevention systems deployed at companies concerned with cybercrime utilize a layered approach to network

Read More