Tag: Ipfix

On Advanced Persistent Detection

When we consider the term Advanced Persistent Threat, the logical countermeasure is Advanced Persistent Detection. By finding variance in the normal ebb and flow of network traffic, a.k.a. anomaly detection, we can begin to develop a strategy built on “advanced persistent detection.” The real key to this strategy is unsampled flow data in the form of NetFlow and IPFIX. READ MORE

This Week, Lancope Speaks at East Tennessee Cyber Security Summit

This Wednesday, October 23, Lancope’s Director of Security Research, Tom Cross, will conduct two sessions at the East Tennessee Cyber Security Summit in Knoxville. He will present a session on “combating insider threats” at 9:45 a.m. and a breakout session on “hunting attackers with network audit trails” at 11:00 a.m. READ MORE

“Advanced Threat Detection” Presentation at ISSA Grand Rapids

This week, Lancope Senior Systems Engineer Charles Herring will present at the Information Systems Security Association (ISSA) Grand Rapids Chapter Meeting on the topic of “Advanced Threat Detection and Forensics via NetFlow/IPFIX.” READ MORE

Lancope Presenting at SANS DFIR Summit Next Week

Lancope’s director of security research, Tom Cross, and senior systems engineer, Charles Herring, will present at the SANS Digital Forensics and Incident Response (DFIR) Summit in Austin, Texas next week. The two will demonstrate how to leverage network audit trails to hunt for cyber attackers. READ MORE

Upcoming Presentation: Incident Response and Forensics with NetFlow

This Thursday, June 20, Lancope Senior Systems Engineer, Charles Herring, will speak at the Information Systems Security Association (ISSA) Motor City Chapter Meeting on the topic of incident response and forensics. During his presentation, he will review how network logging technologies such as NetFlow and IPFIX can be used to create an audit trail of network activity. READ MORE