Featured Posts

Radar scans a digital network, representing flow-based threat hunting
Security Operations

How Flow Data Supports Threat Hunting Without Drowning Analysts

Threat hunting should feel deliberate. You should be able to follow a path, validate a suspicion, and document what happened without jumping across five consoles. Yet in many ...

Read More
A magnifying glass uncovers an alert midway along a progress bar, representing network baselining and troubleshooting
Deep Network Observability

Proving Nothing Changed: The Most Overlooked Troubleshooting Skill

Security padlock and connecting lines in a digital environment, representing firewall change validation
Network Security

What Changed After the Firewall Update? Let the Traffic Answer

All Posts

trojan horse
Security Operations

DressCode Trojan – How To Find Botnets

I was recently speaking with a customer about network security when he brought up a nasty botnet called the DressCode

Read More
Security Operations

Detecting P2P Botnets with NetFlow (Part #1)

This is part #1 of a two part series on detecting P2P botnets with NetFlow. For years botnets such

Read More