Alicia Butler

5 Myths About NetFlow

With all the good NetFlow brings, there are still some misconceptions about NetFlow that need to be dispelled. Here are 5 myths of NetFlow analysis.

NetFlow for Digital Forensic Audit Trails

Network logging technologies such as NetFlow and IPFIX can be applied to the problem of detecting sophisticated, targeted attacks and used to create an audit trail of network activity that can be analyzed, both automatically and by skilled investigators, to uncover anomalous traffic.

Visual Investigations of Botnet Command and Control Behavior Infographic

Malicious botnets are a problem that continues to plague the Internet. StealthWatch® Labs™ research explores the command and control behaviors of a collection of nearly two million unique botnet malware samples that were active between 2010 and 2012. These samples reached out to nearly 150,000 different command and control servers on over 100,000 different TCP and UDP ports. This data set is complex and heterogeneous, and thus it is difficult to analyze. However, when the data is represented visually, patterns emerge that lead to interesting insights. In October, Tom Cross, Lancope's Director of Research, presented a poster at Visualization for Cyber Security (VizSec)…

Hunting Insider Threats with Network Audit Trails

Forensics in the context of computer security is not merely about preparing evidence for trial. We may never be able to prosecute these APT actors that are hitting our network from remote sites. It's become more about understanding the attacks that we're subject to and using that understanding to better protect our networks. It's not just about analyzing hard drives. It's about getting a complete picture of an incident that has affected us.

Webinar Q&A: Hunting Attackers with Network Audit Trails

Learn how network logging technologies such as NetFlow and IPFIX can be applied to the problem of detecting sophisticated, targeted attacks and used to create an audit trail of network activity that can be analyzed, both automatically and by skilled investigators, to uncover anomalous traffic.