Featured Posts

An alert touches multiple segments of the network, representing the challenge to reduce false positives
Deep Network Observability

How to Reduce False Positives with Shared Context

False positives are rarely caused by too many alerts, but by missing context. Let’s say a spike in outbound traffic shows up in the firewall logs. Around the same time, ...

Read More
Magnifying glass on top of a diagram that looks like both a fingerprint and a network, representing end-to-end network troubleshooting
Network Operations

Why Most Performance Investigations Start in the Wrong Place

A padlock silhouetted against a dark background, surrounded by a spray of white particles, representing password spraying detection.
Security Operations

What Password Spraying Looks Like in Raw Network Telemetry

All Posts

jake
Security Operations

Current industry trends I saw at RSA 2020

RSA 2020 was last week and like every year I have attended, there was a whirlwind of new technologies

Read More
jake
Network Operations

Best Practices in Network Forensics, Part II: Insider Threats

In part 1 of our Best Practices in Network Forensics we discussed different integrations and how you can tie

Read More
jake
Network Operations

Best Practices in Network Forensics

When shopping for tools to help with network forensics, you will find many vendors claiming why they are the

Read More