Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Networks

Encrypted Traffic Collection

Jul 29, 2021 By Corelight In Corelight
Working with encrypted traffic is a common task in the SOC and one that many people think network monitoring solutions can't do anything about. The reality, however, is a bit less cut and dry than you might think. Corelight with Zeek can parse details about the certificate handshake and the SSL connection itself. See the cipher and elliptic curve in use, which are great for detecting vulnerabilities like CurveBall. Learn more about Corelight's Encrypted Traffic collection in this brief two minute video.
View Video

Accelerate SecOps with a Single Source of Network Truth

Jul 28, 2021 By Corelight In Corelight
Network evidence is vital for defense, but collecting it can be overly complicated and result in incomplete data that is difficult to use. By transforming VPC and on-premises traffic into Zeek logs and Suricata alerts, you can accelerate threat hunting and incident response workflows in security analytics tools like Chronicle and VirusTotal.
View Video
tripwire

How Network Segmentation Can Protect Supply Chains from Ransomware Attacks

Jul 27, 2021 By Tripwire Guest Authors In Tripwire

Organizations can take various steps to protect their operational technology (OT) environments against digital threats. But some stand out more than others. In particular, network segmentation is described as “the first answer to insufficient ICS (Industrial Control System) cybersecurity.” Experts advocate zoning ICS assets to coordinate informational technology (IT) and OT environments effectively. That doesn’t always happen, however.

Read Post
alienvault

What is edge networking? An overview on the network edge

Jul 26, 2021 By Nick Cavalancia In AT&T Cybersecurity

As organizations look for ways to improve network performance for user-facing application data, it is becoming increasingly evident that routing requests all the way to internal data centers is the least optimized model. Doing so increases latency, reduces available bandwidth, increases bandwidth requirements at the data center, and increases overall costs.

Read Post
Trustwave

Compromising a Network Using an "Info" Level Finding

Jul 21, 2021 By Trustwave In Trustwave

Anyone who has ever read a vulnerability scan report will know that scanners often include a large number of findings they classify as "Info". Typically this is meant to convey general information about the target systems which does not pose any risk. Many people who read such reports will generally ignore all of the "Info" findings, and focus only on anything labeled "Critical" or "High". However, this can be dangerous for a number of reasons.

Read Post
upguard

What is Wireshark? The Free Network Sniffing Tool

Jul 21, 2021 By Edward Kost In UpGuard

Wireshark is a free open source tool that analyzes network traffic in real-time for Windows, Mac, Unix, and Linux systems. It captures data packets passing through a network interface (such as Ethernet, LAN, or SDRs) and translates that data into valuable information for IT professionals and cybersecurity teams. Wireshark is a type of packet sniffer (also known as a network protocol analyzer, protocol analyzer, and network analyzer).

Read Post
upguard

What is UPnP? Yes, it's still dangerous in 2021

Jul 19, 2021 By Edward Kost In UpGuard

UPnP (Universal Plug and Play) is a service that allows devices on the same local network to discover each other and automatically connect through standard networking protocols (such as TCP/IP HTTP, and DHCP). Some examples of UPnP devices are printers, gaming consoles, WiFi devices, IP cameras, routers, mobile devices, and Smart TVs. UPnP can also modify router settings to open ports into a firewall to facilitate the connection of devices outside of a network.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.