Featured Posts

Various network nodes with security locks, representing encrypted traffic visibility
Network Security

How To Investigate Encrypted Traffic Without Decrypting It 

Most malicious traffic is encrypted, and in real environments, you usually don’t have the keys to inspect it. You can still investigate encrypted traffic effectively by ...

Read More
Representation of lateral movement: attack spreads through a network from a central point
Network Security

How To Detect Lateral Movement: A Step-by-Step Guide 

Blocks of data in a digital environment. Most of the blocks are clear but one is red, representing AI-powered anomaly detection
NDR

How Network Anomaly Detection Works (And Why It Matters)

All Posts

insider threats
Uncategorized

What are insider threats? Challenges, indicators, & more explained

Insider threats bypass traditional security systems, which focus on the network perimeter. This is because, as the term suggests,

Read More
network analytics
Network Operations

Network Analytics: What It Is, How It’s Used, and Who Benefits the Most

Simply put, network analytics is the practice of using different types of network data to identify trends and patterns.

Read More
endpoint protection FI
Network Operations

Endpoint protection isn’t enough: you need network traffic analytics

The recent SANs 2018 Survey on Endpoint Protection and Response makes clear that point-security solutions are not enough to

Read More
context
Network Operations

Network Traffic Analytics with Gigamon

Quite some time ago, my colleague wrote about our Gigamon NetFlow support. That article will help you understand how

Read More
adam
Security Operations

Integrating Threat Intelligence with Flow Data

Threat intelligence feeds help us keep our networks secure and our engineers informed on the latest issues. Huge volumes

Read More
jimd
Security Operations

More on Endpoint Visibility: Mobile Security and Your Network Security Strategy

Why should your endpoints be an important part of your network security strategy? Because even though they are out

Read More
Network Operations

How to detect SSH credential misuse with network traffic analytics

According to a recent article on BleepingComputer, a backdoor Python library can steal SSH credentials. This can lead to ssh credential

Read More
insider threats employees
Network Operations

How to Mitigate Insider Threats with Network Traffic Analytics

According to a recent Ponemon Institute report, the cost of insider-related breaches has escalated to over $8.7 million. What’s

Read More
Hourglass
Security Operations

How to Maintain a Secure Small Business Network (Even When You Work Alone)

Cybersecurity is never easy, but maintaining a secure small business network is arguably even harder because the IT team

Read More
all your data is useless
Network Operations

All Your Data is Useless—Unless It’s Actionable

Here’s a scenario: you’re asked to provide a report of unnecessary high bandwidth usage on your network. So you

Read More