If you work on a corporate security team, endpoint security is an important framework to understand. After reading this blog, you’ll know the ins and outs of this framework, including why it’s crucial to modern networks and the best practices to implement and maintain it.
In part 1 of our Best Practices in Network Forensics we discussed different integrations and how you can tie in your existing tools with our solution to correlate events with syslogs, DNS, IPAM, and cloud infrastructure logs. This blog will go a bit deeper on these integrations, but focus on tracking insider threats and lateral …
Best Practices in Network Forensics, Part II: Insider Threats Read More »
When shopping for tools to help with network forensics, you will find many vendors claiming why they are the best, but not necessarily how they fit into your existing security ecosystem. Here, I’ll cover how our customers use our IPFIX and metadata solutions as part of a layered security approach that uses all facets of …