ids

How Better Network Instrumentation Eliminates Security Risks – Q&A with Chief Product Officer Andre Ludwig

| | Blog, Cloud Security, ids, intrusion detection, NDR, network monitoring, Network Security, network threat detection, network visability, sensors, threat detection
Today we’re discussing network instrumentation with Bricata Chief Product Officer Andre Ludwig. Our interview covers why instrumentation is needed, the state of network instrumentation in most enterprises today, the risks of not ...
Bricata | Network Detection & Response | Visibility & Analytics | Threat Hunting
Network drawing with Clients, SecurityOnion and the Internet

Sniffing Decrypted TLS Traffic with Security Onion

| | Bro, curl, Decrypted, HTTPS, ids, netcat, NIDS, pcap, PCAP-over-IP, PolarProxy, Security Onion, securityonion, snort, ssl, Suricata, tcpreplay, TLS, Zeek
Wouldn't it be awesome to have a NIDS like Snort, Suricata or Zeek inspect HTTP requests leaving your network inside TLS encrypted HTTPS traffic? Yeah, we think so too! We have therefore ...
NETRESEC Network Security Blog

Open Source Security Software: Takeaways from a Case Study on DIY Fatigue

| | Blog, case-study, ids, intrusion detection, IPS, open source
Open source security software can cause teams to spend more time maintaining a tool than securing their network – this case study describes how Bricata solves that challenge ...
Bricata

ZeekWeek 2019: 5 Things Network Security Pros Should Know about Zeek

| | behavior detection, Blog, Bro IDS, encryption, ids, intrusion detection, network traffic analysis, open source, Zeek, Zeek IDS
As the annual ZeekWeek conference kicks off – here are X things network security professionals should know about Zeek ...
Bricata
Detection & Response: Building Effective SOC Operations

6 Tips for Building an Effective SOC

| | Blog, ids, Incident Response, IPS, SOC
A presentation from RSA Unplugged 2019 offers several tips to security leaders seeking to build or improve their security operations center (SOC) ...
Bricata

7 Threat Hunting Benchmarks from a Survey of Security Pros

| | Blog, ids, IPS, SOC, threat detection, Threat Hunting
Threat hunting aims to find threats that didn’t trigger an alert, yet it’s still a new concept for many, so these threat hunting benchmarks are useful waypoints ...
Bricata

The Benefits, Characteristics and Components of Flyaway Kits for Incident Response

| | Blog, ids, Incident Response, intrusion detection, network security monitoring, network traffic analysis
Several different measures of effectiveness tell us incident response (IR) generally takes too long and costs too much. For example, a global study ...
Bricata

One Environment – Three Objectives Satisfied

| | Blog, ids, network metadata, network visibility, pcap, Threat Hunting, Threat Investigation
Whether a security analyst is aiming for better network visibility, investigating a security alert or threat hunting, the right environment makes all the difference ...
Bricata
PolarProxy flow chart

PolarProxy Released

| | DNS over HTTPS, DNS-over-TLS, DoH, DoT, HTTP/2, http2, ids, IMAPS, NIDS, pcap, PolarProxy, POP3S, SMTPS, ssl, SSLKEYLOGFILE, tcpreplay, TLS, Wireshark
I'm very proud to announce the release of PolarProxy today! PolarProxy is a transparent TLS proxy that decrypts and re-encrypts TLS traffic while also generating a PCAP file containing the decrypted traffic ...
NETRESEC Network Security Blog
location data

Is NTA Just Another Kind of IDS?

| | ids, intrusion detection system, network behavior analysis, network traffic analysis, NTA
Earlier last year, Anton Chuvakin of Gartner posted a question I’ve spent the past few years focused on. Actually, I’ve focused on it since working in the Network Security Wizards office on ...
Security Boulevard
Load more