This blog will go over how to use some of the features in Plixer Scrutinizer v19.0, such as the host index and IP groups functionality, to quickly define your endpoints and reduce the time it takes to find suspicious hosts. Recently we have seen an uptick in customers looking to use this functionality to its …
Forensic investigation of endpoints using NetFlow Read More »
I spent a lot of time talking to customers at RSA 2019 and a message that resonated with a lot of them was using your network as a sensor. I believe this is because SOC analysts often dig through log data or full packet capture—but then overlook network metadata because it isn’t available to them …
Cybersecurity and the Board of Directors are two topics that, historically, have been unrelated; however, they are rapidly becoming highly relevant to each other. The Boards of Directors must take an active role in cybersecurity measures to ensure their organizations are prepared. In this blog, I will share five steps that Boards of Directors should …
The 5 Steps Every Board of Directors Should Take To Reduce Cybersecurity Risk Read More »
Before you read this blog, stop and count every electronic device around you. I’m at my work desk; within a 1-meter radius, I have ten electronic devices. In a few years, if I replaced each item with freshly launched products, at least nine of those devices would contain IoT technology.
I spent this week in Las Vegas at CiscoLive, where I had the good fortune to speak with and learn from hundreds of network and security professionals. In addition, I had the opportunity to present as part of the Cisco Think Tank Theatre. This blog will document the important topics I learned about as well …
Network Incident Response with NetFlow and Metadata Read More »
Over the last few days, there has been a whirlwind of global activity surrounding the WannaCry ransomware attack. I wanted to share a short list of facts surrounding the attack and the way that Scrutinizer has been used by both Plixer and our customers to gain visibility, run reports based on historical data, and reduce …
WannaCry Ransomware – How Scrutinizer Customers Can Reduce Risk Read More »
It seems like every day I talk with network professionals about security and performance, the common theme being speed and ease of use. Having an effective incident response solution is paramount and with more and more vendors supporting NetFlow, it has never been easier.
Chances are that unless you are a hermit or have turned yourself into an air-gapped server, you have heard the term “DROWN” kicking around cyberspace. I know that when I see article after article stating that 11 million HTTPS websites are at risk, I tend to get bright-eyed and bushy-tailed. Let’s take a closer look …
VMware NSX IPFIX provides network monitoring data similar to that provided by physical devices, giving administrators a clear view of virtual network conditions. In a nutshell, VMware NSX does for the network what ESX does for the virtual server infrastructure. VMware NSX virtualizes the network, allowing the network administrator the ability to decouple the network …
In this blog, I want to talk to you about investigating zero-day attacks. A zero-day attack can be a huge menace on the network, since it can bypass a lot of your detection systems that currently have in place. It can also go unnoticed on the network for a very long time.