Updated: 1/6/2021 On 12/13/20, cybersecurity company FireEye published research for the SUNBURST exploit, which is affecting companies using SolarWinds software. Since the news broke, we have been experimenting with ways that Plixer’s NDR solution, Scrutinizer, can help our customers determine the impact SUNBURST may have had on their networks.
I’ve had the opportunity to work alongside two completed VeloCloud deployments over the past 6 months. This blog covers what I’ve learned about the setup and prerequisites within VMware’s VeloCloud interface and Plixer’s Scrutinizer interface for metadata/IPFIX analysis via flow collection. Once setup is complete, I will highlight how Plixer’s Scrutinizer platform uses that data …
RSA 2020 was last week and like every year I have attended, there was a whirlwind of new technologies and methodologies being presented by the vendors I spoke with. Continue on to see what things we learned and how Plixer can help solve problems facing today’s customers.
If this ever changin’ world in which we live in makes you give in and cry say I’m only one guy
Scrutinizer from Plixer is the recognized leader in metadata and NetFlow analysis and it just got even better! With the recent release of version 17.8, a large number of customer-requested enhancements and features have been included and I thought it would be worthwhile to share what’s new in my blog. In addition to this blog, …
In 2011, computer scientists at Lockheed Martin established a framework that defined the steps taken by bad actors as they target and attempt to breach an organization. They called the framework the intrusion kill chain (now commonly called the cyber kill chain) and it consisted of seven stages, which I will discuss below.
I spent this week in Las Vegas at CiscoLive, where I had the good fortune to speak with and learn from hundreds of network and security professionals. In addition, I had the opportunity to present as part of the Cisco Think Tank Theatre. This blog will document the important topics I learned about as well …
Network Incident Response with NetFlow and Metadata Read More »
Today I want to take a look at the Gigamon appliance and their IPFIX configuration. Recently I was asked an interesting question: an avid user of Scrutinizer had a very specific element he wanted to collect and monitor. He wanted to trend what SSL version his internal servers are currently running, as well as the …