🙂

Our “Applying Network-Centric Approaches for Threat Detection and Response” Paper Publishes

After many discussions and a bit of a re-write, our new paper “Applying Network-Centric Approaches for Threat Detection and Response” is finally ready (Gartner GTP access required). The abstract states “The escalating ...

Our Updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) Publishes

Esteemed Mr Barros has beat me to it this time, but here is my re-re-announcement of our updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) deception paper ...
:-)

Tricky: Will UEBA and NTA Ever Merge?

Here is an obvious, but not really obvious question: will UEBA and NTA ever merge? Admittedly, normal security people who don’t care about the changing tides of vendors and markets can skip ...
:-)

Webinar Q&A from Modern Network Threat Detection and Response

As promised, here is my lightly edited Q&A from a recent webinar called “Modern Network Threat Detection and Response.” Questions about vendors are removed, and some are edited for clarity. Q: I ...
SP-2019-366328 0001

Our “Solution Path for Implementing Threat Detection and Incident Response” Publishes

As you can see below, we have written a lot of research over the years, and it would be handy to have a roadmap for the readers. This is especially useful for ...

Upcoming Webinar: Modern Network Threat Detection and Response

Here is my next Gartner webinar; this one is focused on network traffic use for detection and response. Title: Modern Network Threat Detection and Response Date: January 29, 2019 Time: EST: 11:00 ...

Deception vs Analytics, or Can Analytics Catch True Unknown Unknowns?

This is a debate post, and not a position post. The question alluded therein (hey… I said “alluded therein” to sound like Dan Geer, no?) has been bugging us for some time, ...

Is Encryption an NTA / NIDS / NFT Apocalypse?

Here is a funny one: does pervasive traffic encryption KILL Network Traffic Analysis (NTA) dead? Well, OK, not truly “kill it dead,” but push it back to 2002 when it was called ...

Let’s Go Fight IT for Logs? Agents? Taps?

This is a depressing post about security in the real world (what … another one?) In any case, we are having those enlightened debates about log analysis (via SIEM/UEBA), network security monitoring ...

NTA: The Big Step Theory

Let’s come back from the world where the endpoint won the detection and response wars to this one. As we are ramping up our NTA (but, really, broader NDR for network-centric detection ...
Loading...