Featured Posts

An alert touches multiple segments of the network, representing the challenge to reduce false positives
Deep Network Observability

How to Reduce False Positives with Shared Context

False positives are rarely caused by too many alerts, but by missing context. Let’s say a spike in outbound traffic shows up in the firewall logs. Around the same time, ...

Read More
Magnifying glass on top of a diagram that looks like both a fingerprint and a network, representing end-to-end network troubleshooting
Network Operations

Why Most Performance Investigations Start in the Wrong Place

A padlock silhouetted against a dark background, surrounded by a spray of white particles, representing password spraying detection.
Security Operations

What Password Spraying Looks Like in Raw Network Telemetry

All Posts

Many blue network nodes with one red note to which several connecting lines are attached, representing lateral movement detection
Security Operations

How to Investigate Lateral Movement Using Flow Data

Lateral movement is rarely loud. Once an attacker gains an initial foothold, the next phase often blends into normal

Read More
Representation of lateral movement: attack spreads through a network from a central point
Security Operations

Understanding Lateral Movement: How Attackers Navigate Your Infrastructure

Lateral movement refers to the techniques attackers use to move through a network after gaining initial access. Instead of

Read More
a long exposure photo of a highway at night
NDR

How to detect lateral movement with the Plixer Platform

If you are familiar with the MITRE ATT&CK framework, then you know most attackers will follow a general sequence

Read More