NDR provides another layer of visibility into what has or is currently happening on the network. Through this lens, you can detect threats that may be missed with perimeter and host-based tools such as firewalls, logs, and endpoint detection. You can also monitor devices that cannot be monitored through logs or have agents deployed on them, such as many IoT devices. NDR enables threat hunting through packet data, providing an authoritative source for validation.

The microservices architecture provides developers and DevOps engineers significant agility that helps them move at the pace of the business. Breaking monolithic applications into smaller components accelerates development, streamlines scaling, and improves fault isolation. However, it also introduces certain security complexities since microservices frequently engage in inter-service communications, primarily through HTTP-based APIs, thus broadening the application’s attack surface.

It’s hard to imagine that there are upwards of 100 billion devices connected to each other today. Many of these devices are terrestrial; however, more and more devices are being brought online across the sky, sea, and space. As complexity grows, we need to ensure we have the right level of automation in place to keep everything running smoothly. One of my first goals at Forward Networks was to echo what we are already doing publicly – building a secure product in a secure environment.

As promised, we wanted to dedicate a blog to detections and findings from the network operations center (NOC) at Black Hat Asia 2023 as a follow up to our Lessons Learned blog. Some of these discoveries may not surprise the seasoned analyst or senior threat hunter – but will hopefully provide a little entertainment, because the more things change, the more they stay the same.

SD-WAN has enabled new technology opportunities for businesses. But not all organizations have adopted SD-WAN in the same manner or are having the same SD-WAN experience. As the market gravitates away from SD-WAN towards SASE, research and consulting firm EMA analyzed how businesses are managing this transition to SASE. In this blog post, we present the key findings from their report, titled “WAN Transformation with SD-WAN: Establishing a Mature Foundation for SASE Success”.

While there have been many intrusions, compromises, breaches, and incidents that have made news in the IT and InfoSec industries throughout 2022 and into this year, when events or threats like Storm-0558 gain coverage by mainstream media, we often get questions about Corelight’s ability to detect threats through our sensors, products & platform.

As the first cloud service provider, AWS played a pivotal role in shaping today’s public cloud market. AWS WAF stands out as one of the most popular WAFs, especially among teams already integrated with AWS, where activation is a breeze.

Back in the early days of corporate networking, IT departments typically deployed firewalls to keep employees from accessing non-work related content, like social media sites. While content filtering remains part of a firewall’s job, it’s no longer the primary reason for using one. In today’s connected world, firewalls are fundamental to network security.

Trust is hard to earn but necessary for any successful relationship. As organizations build the systems to support Zero Trust, they find themselves balancing security and functionality across their operations. Incident Response and Network Operations in particular can be full of traumatic experiences, and as we sink into those moments the typical responses are freeze, flight, or fight.