Open Source Security Tools and Threat Hunting: The 10 Most Read Bricata Posts on Cybersecurity in 2018

Every week we publish a blog post where we dive into a topic or study around network security. In 2018, we even produced original research – Amid AI and Machine Learning, the Human Touch Remains Crucial to Cybersecurity in 2019, New Network Security Survey Finds.

As we turned the corner on the New Year, we went back through reader analytics to see which topics drew the most interest. Interestingly, open source security tools and threat hunting were among the most read.  

A complete list of the most read posts on the Bricata blog in 2018 follows below.

1) Snort, Suricata and Bro (Zeek): 3 Open Source Technologies for Securing Modern Networks

Open source technology for network security and intrusion detection is evolving to meet new threats. This post reviews the history, alongside the advantages and drawbacks, of three popular open source technologies for IDS in Snort, Suricata, and Bro (Zeek).

Note: Bro IDS was recently renamed as Zeek IDS.

2) What is Bro (Zeek)? And Why IDS Doesn’t Effectively Describe It [Overview and Resources]

What is Bro? Bro, recently renamed Zeek, is an open source software framework for analyzing network traffic. It is most commonly used in cybersecurity to detect behavioral anomalies on the network. Bro provides capabilities like those of a network intrusion detection system (IDS); however, thinking of Bro as an IDS alone does not capture the breadth of what it can do.

3) Layers of Cybersecurity: Signature Detection vs. Network Behavioral Analysis

Signature-based detection is effective at identifying known threats but carries an inherent limitation: a threat must already be known before a signature can be written for it. Behavioral analysis is useful for identifying unknown threats because it looks for the characteristic activity of an attacker (how a host behaves on the network over time) rather than for a specific, previously seen pattern.
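To make the distinction concrete, the following is an added example (not code from the original post or from Bricata) that runs both approaches over a handful of constructed HTTP log records in the spirit of a Zeek http.log. The signature is a hypothetical content match on a URI, analogous to a Snort or Suricata `content:` rule; the behavioral check flags beaconing, i.e. a source that contacts the same destination at nearly constant intervals. The record values, the signature string and the thresholds (`min_events`, `max_cv`) are all assumptions chosen for illustration.

```python
"""Signature matching vs. behavioral (beaconing) analysis over constructed log records.

Added example. The records, the signature and the thresholds are assumptions made
for illustration; they are not rules or data from the original post.
"""
from collections import defaultdict
from statistics import mean, pstdev


def rec(ts, src, dst, uri):
    """Build one minimal HTTP-style record (constructed, Zeek http.log-like fields)."""
    return {"ts": float(ts), "src": src, "dst": dst, "uri": uri}


# Constructed sample input. Three hosts, three different stories.
RECORDS = (
    # A known webshell URI: the signature catches this one on content alone.
    [rec(100, "10.0.0.5", "203.0.113.9", "/uploads/shell.php?cmd=id")]
    # An unknown implant with a benign-looking URI that polls every ~60 s.
    # No signature exists for it, but its timing gives it away.
    + [rec(ts, "10.0.0.7", "198.51.100.20", "/api/status")
       for ts in (0, 60, 121, 180, 241, 300, 361, 420)]
    # Ordinary browsing with irregular timing: neither check should flag it.
    + [rec(ts, "10.0.0.8", "192.0.2.30", f"/page/{i}")
       for i, ts in enumerate((5, 9, 130, 131, 400, 402, 950))]
)

# Hypothetical signature set: rule name -> substring that must appear in the URI.
SIGNATURES = {"known-webshell": "/uploads/shell.php"}


def signature_hits(records, signatures=SIGNATURES):
    """Signature detection: report every record whose URI contains a known pattern.

    Finds only what is already in the rule set; the beaconing host below is invisible here.
    """
    hits = []
    for r in records:
        for name, pattern in signatures.items():
            if pattern in r["uri"]:
                hits.append((name, r["src"], r["dst"]))
    return hits


def beaconing_hosts(records, min_events=6, max_cv=0.1):
    """Behavioral detection: flag (src, dst) pairs with near-constant request intervals.

    Groups records per pair, computes the gaps between consecutive timestamps and
    flags a pair when the coefficient of variation (stdev / mean) of those gaps is
    at most max_cv. Returns {pair: mean_gap_seconds}. Payload content is never inspected,
    so a previously unseen implant is caught purely by how it behaves.
    """
    stamps_by_pair = defaultdict(list)
    for r in records:
        stamps_by_pair[(r["src"], r["dst"])].append(r["ts"])

    flagged = {}
    for pair, stamps in stamps_by_pair.items():
        if len(stamps) < min_events:      # too few events to judge regularity
            continue
        stamps.sort()
        gaps = [later - earlier for earlier, later in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg == 0:                      # all events at one instant; not a beacon
            continue
        if pstdev(gaps) / avg <= max_cv:
            flagged[pair] = round(avg, 1)
    return flagged


if __name__ == "__main__":
    print("signature hits:", signature_hits(RECORDS))
    print("beaconing pairs:", beaconing_hosts(RECORDS))
```

Run as a script, the signature check reports only the webshell request from 10.0.0.5, while the beaconing check reports only the 10.0.0.7 host polling 198.51.100.20 at a 60-second average. Each method misses what the other finds, which is the argument for layering them rather than relying on one.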

4) Leadership, Culture and Business Savvy: 13 Big Cybersecurity Ideas for the CISO by CISOs

Leadership, culture and business savvy are just as important to the CISO as are technical aspects of the job. This roundup highlights some of the big cybersecurity ideas for the CISO by CISOs.

5) Three Emerging Healthcare Security Challenges

Security professionals in healthcare face a difficult challenge: protecting an aging infrastructure, with the special handling requirements that PII imposes, even as threats multiply and budgets remain flat. A renewed focus on some of the basics could reverse the trend.

6) Useful Benchmarks on Threat Hunting for the Security Operations Center

Threat hunting is one of the hottest trends in cybersecurity. Given the concept is still relatively new, security leaders may find benchmarks helpful as they think through how to allocate people, time and budget to this important new priority.

7) Study on Fileless Attacks Underscores Risk of Over-Reliance on Endpoint Security

The growth of fileless attacks demonstrates why enterprise protection cannot rely solely on signature analysis at the endpoint: an attack that never writes a malicious file to disk leaves nothing for a file-based scanner to match.

8) Here’s What Network Threat Hunting Means, Why It Matters, and How to Get Started

Threat hunting is a way to identify threats that evade current security defenses. This post defines network threat hunting, explains why it matters and offers expert tips for getting started.

9) Seven Security Trends Shaping Intrusion Detection Technology

The threat landscape has evolved and is shaping the need for innovation in intrusion detection. This includes the need for multiple methods of detection rather than just relying on one, like signature analysis.

10) This Independent Cybersecurity Product Review Doubles as an Outline for How to Start Threat Hunting with Existing Tools and Skills

A review by the experts at CSO magazine serves as more than a demonstration of product capabilities – it also provides an outline for how a security operations center (SOC) can begin hunting threats with a tool the staff already know and use. After publishing this review, CSO also named Bricata to its list of best security software.

Note: Bricata has released several significant product updates in the last 12 months. A simple explanation in plain English can be found here: How Enhanced Network Metadata Resolution Facilitates Network Threat Hunting.

* * *

What would you like to see covered in 2019? Tweet us: @BricataInc.

If you enjoyed this post, you might also like:
15 Cybersecurity Statistics Summarizing the Intense Year the Community had in 2018

*** This is a Security Bloggers Network syndicated blog from Bricata authored by ironcore. Read the original post at: