David Brooks

David Brooks is a Systems Engineer at Lancope.  He has 15 years of technical operations experience for a wide variety of organizations ranging from start-ups to Fortune 500 enterprises, enjoys thinking about and discussing pragmatic solutions to security problems, evangelizing the benefits of NetFlow, and cave diving.

Twitter:  @0xDAB

Big Problems in 140 Characters or Less

There is no silver bullet to protect your Twitter accounts or other confidential assets from being hacked, but there are steps you can take to identify and stop malicious activity before it becomes a crisis.

StealthWatch Is Not a Four-Letter Word

Understanding the common complications with SIEM can help you not only better utilize your SIEM, but also know how to augment the data it provides (or in some cases, doesn’t provide). Flow collection bridges the gap between packet capture and SIEMs. Collecting NetFlow can provide a complete repository of host-to-host communication down to the leaf nodes on your network, and this level of visibility is critical for making sense of today’s complex threats.

Be Careful Just Blaming China For Malicious Activity

The U.S. and Russia lead the list in terms of malicious hosting providers.

APTs – The Usual Suspects are Becoming More Unusual

Cyber espionage is on the rise, not just in terms of frequency, but in terms of distribution. An attack being rudimentary makes it no less of a threat. Pervasively enabling NetFlow throughout an organization not only provides visibility without the need to deploy expensive probes, but NetFlow-based network forensics goes hand-in-hand with detecting APTs and keeping your network safe.

No Matter How Frequent or Infrequent, Insider Threats Come at a Cost

If you have paid attention to the security landscape over the past decade, even in passing, you have likely picked up on the idea that the insider threat makes up at least some measurable percentage of concern within an organization's security framework. Lancope’s StealthWatch System brings all of this visibility under the same single pane of glass, and correlates anomalous host behavior with user and device information to help solve the insider threat headache.