network traffic analytics

What are insider threats? Challenges, indicators, & more explained

Insider threats bypass traditional security systems, which focus on the network perimeter. This is because, as the term suggests, the attack originates from behind most defense systems. Unfortunately, insider threats are more common than you may think. But this blog will arm you with the knowledge you need to start combating this insidious type of …

Network Analytics: What It Is, How It’s Used, and Who Benefits the Most

Simply put, network analytics is the practice of using different types of network data to identify trends and patterns. Then, that information is used to make better decisions—troubleshooting decisions, threat remediation decisions, business planning decisions, etc. But let’s take a closer look at what network analytics entails, some use cases, and what types of organization …

Endpoint protection isn’t enough: you need network traffic analytics

The recent SANS 2018 Survey on Endpoint Protection and Response makes clear that point-security solutions are not enough to quell the ever-growing barrage of cyberattacks. The survey polled 277 IT professionals on endpoint security concerns and practices. In this year’s survey, 42% of respondents reported that endpoint exploits were down from 53% in 2017. However, …

Network Traffic Analytics with Gigamon

Quite some time ago, my colleague wrote about our Gigamon NetFlow support. That article will help you understand how to configure your Gigamon appliances to export rich metadata to your network and security intelligence platform. In this article, I will discuss network traffic analytics as it pertains to Gigamon, and outline some of the few …

Integrating Threat Intelligence with Flow Data

Threat intelligence feeds help us keep our networks secure and our engineers informed on the latest issues. Huge volumes of this data get published every day with details on the latest command-and-control schemes, malware, and malicious domains. There are many malicious actors that are identified in intelligence feeds. So many, in fact, that manually processing …

More on Endpoint Visibility: Mobile Security and Your Network Security Strategy

Why should your endpoints be an important part of your network security strategy? Because even though they are out in the wild, endpoints are part of your network! We really should stop viewing endpoint devices as being separate from the rest of the network. The truth is, once an endpoint device connects to your network, …

How to detect SSH credential misuse with network traffic analytics

According to a recent article on BleepingComputer, a backdoor Python library can steal SSH credentials. This can lead to SSH credential misuse if undetected by IT professionals. “The module’s name is SSH Decorator (ssh-decorate), developed by Israeli developer Uri Goren, a library for handling SSH connections from Python code. On Monday, another developer noticed that multiple recent …

How to Mitigate Insider Threats with Network Traffic Analytics

According to a recent Ponemon Institute report, the cost of insider-related breaches has escalated to over $8.7 million. What’s even more concerning is that as the cost of insider threats has increased, the cost of non-insider threats is $3.6 million, according to IBM. This means that insider incidents cost more than double that of non-insider …

How to Maintain a Secure Small Business Network (Even When You Work Alone)

Cybersecurity is never easy, but maintaining a secure small business network is arguably even harder because the IT team has far fewer staff. Even high-stakes networks, such as in hospitals or schools, are often managed by a single person. In situations like this, the biggest hurdle is time—you need to know exactly where to invest …

All Your Data is Useless—Unless It’s Actionable

Here’s a scenario: you’re asked to provide a report of unnecessary high bandwidth usage on your network. So you open your network monitoring tool and look for the top talkers. Maybe there are a couple of hosts that are consuming significantly more bandwidth than anyone else. The problem is that you don’t have further context. …
