This week, Lancope Senior Systems Engineer Charles Herring will present at the Information Systems Security Association (ISSA) Grand Rapids Chapter Meeting on the topic of “Advanced Threat Detection and Forensics via NetFlow/IPFIX.”
Sophisticated, targeted attacks have become increasingly difficult to detect and analyze. Attackers are employing zero-day vulnerabilities and exploit obfuscation techniques to evade detection systems and fly under the radar for long periods of time. New strategies are desperately needed for identifying network attack activity.
Herring’s presentation will review how network logging technologies such as NetFlow and IPFIX can be applied to the problem of detecting sophisticated, targeted attacks. These technologies can be used to create an audit trail of network activity that can be analyzed to quickly uncover anomalous traffic that could signify risk. By collecting and analyzing flow data, organizations can identify a wide variety of security issues within their networks – from malware and DDoS attempts to insider threats and APTs.
Further details on the presentation, taking place on Friday, Oct. 18 in Grand Rapids, MI, can be found here: http://gr-issa.org/. For more information on combating advanced threats with NetFlow, go to: solutions/security-threats/.Tweet
TAGS netflow, lancope, network security, network visibility, anomaly detection, advanced threats, ipfix, forensics