Featured Posts

Various network nodes with security locks, representing encrypted traffic visibility
Network Security

How To Investigate Encrypted Traffic Without Decrypting It 

Most malicious traffic is encrypted, and in real environments, you usually don’t have the keys to inspect it. You can still investigate encrypted traffic effectively by ...

Read More
Representation of lateral movement: attack spreads through a network from a central point
Network Security

How To Detect Lateral Movement: A Step-by-Step Guide 

Blocks of data in a digital environment. Most of the blocks are clear but one is red, representing AI-powered anomaly detection
NDR

How Network Anomaly Detection Works (And Why It Matters)

All Posts

Many blue network nodes with one red note to which several connecting lines are attached, representing lateral movement detection
Security Operations

How to Investigate Lateral Movement Using Flow Data

Lateral movement is rarely loud. Once an attacker gains an initial foothold, the next phase often blends into normal

Read More
A network with multiple layers and overlays, representing the challenges of SD-WAN troubleshooting
Network Security

SD-WAN Troubleshooting: What Flow Intelligence Reveals That Vendors Don’t

SD-WAN was supposed to simplify the network. In many organizations, it did the opposite. Abstracted tunnels, dynamic path selection,

Read More
Data emanating from research papers, representing one type of university network traffic
Network Security

Flow Analytics vs. Traditional Monitoring in University Networks 

University networks face a fundamental monitoring challenge that traditional tools struggle to address effectively. Campus environments combine massive scale,

Read More
dylan
Security Operations

Tuning DDoS and DRDoS flow analytics to your environment

As more and more devices are added to the internet, a larger swath of insecurity comes with them. Botnets

Read More
jake
Security Operations

Using your network as a sensor

I spent a lot of time talking to customers at RSA 2019 and a message that resonated with a

Read More
Network Operations

Catch Reflection DDoS Attacks with NetFlow

In this line of work I find myself talking with network professionals daily. With this constant exposure to a

Read More
Security Operations

Use NetFlow to identify network anomalies

NetFlow is widely regarded as an ideal technology for acquiring summarized details on network traffic; as a result one

Read More
Network Operations

Cisco NetFlow | Part 2 – What is Flow Analytics™?

In this blog, I will be continuing Part 1 of the “What is Flow Analytics™?” Series. In this blog I

Read More
NetFlow Analyzer

The Null Scan – You’re being watched

Oftentimes, when I’m running around the country setting up Flow Analytics, I don’t see Null Scans pop up. However,

Read More