ids
The Benefits, Characteristics and Components of Flyaway Kits for Incident Response
Several different measures of effectiveness tell us incident response (IR) generally takes too long and costs too much. For example, a global study ...
One Environment – Three Objectives Satisfied
Whether a security analyst is aiming for better network visibility, investigating a security alert or threat hunting, the right environment makes all the difference ...
PolarProxy Released
I'm very proud to announce the release of PolarProxy today! PolarProxy is a transparent TLS proxy that decrypts and re-encrypts TLS traffic while also generating a PCAP file containing the decrypted traffic ...
Is NTA Just Another Kind of IDS?
Earlier last year, Anton Chuvakin of Gartner posted a question I’ve spent the past few years focused on. Actually, I’ve focused on it since working in the Network Security Wizards office on ...
Open Source Security Tools and Threat Hunting: The 10 Most Read Bricata Posts on Cybersecurity in 2018
Every week we publish a blog post where we dive into a topic or study around network security. In 2018, we even produced ...
Network Visibility: Can You Analyze Encrypted Traffic for Cybersecurity Threats?
We get this question a lot: Can you analyze encrypted traffic for cyber threats? It just came up again during the question and ...
Here is How Open Source DIY Fatigue Saps Cybersecurity Resources
Open source security tools often start as cost-saving DIY projects inside cybersecurity organizations, but as the network grows, these take more time to maintain and manage, which detracts from the task of ...
Detecting the Pony Trojan with RegEx using CapLoader
This short video demonstrates how you can search through PCAP files with regular expressions (regex) using CapLoader and how this can be leveraged in order to improve IDS signatures.
Hacking Retro
Bring out your disco ball, your leg warmers, and your VHS tapes! While a lot of us watch the VH1 hit “I Love the 80s” for pop culture, I’m always drawn to ...
NextGen SIEM Isn’t SIEM
Security Information and Event Management (SIEM) is feeling its age. Harkening back to a time in which businesses were prepping for the dreaded Y2K and where the cutting edge of security technology ...