What is open-source Bro? - Duration: 1:56.
Network security as explained by an imperfect metaphor
So imagine this city is your network and all of that traffic is your network
traffic. Somewhere in all of this a person is up to no good.
They may be in one of these cars and it's your job to find and stop them.
You've already invested in systems that alert you to potential problems but each
alert just raises more questions. Is this a real issue?
When did it start? How bad is it? So where do you go for answers? For incident
responders network data is a critical source of truth. There are many types of
network data, however. When you get an alert,
you could go to NetFlow, but it's usually too sparse. Simply put, there's not enough
data to figure out what happened. Like trying to investigate a potential crime
with just a few tollbooth records to go on. Not promising. On the other hand you
could go to PCAP for answers but that's not fast or easy. It would be like
watching a month's worth of surveillance video to find a specific individual. The
answer is in there somewhere, but finding it—good luck. What if there was a
better source of network data? For threat hunting and incident response there is.
It's Bro. Bro is a powerful open source network security monitor. It gives you
rich, organized, and easily searchable network data to help you protect your
environment without slowing you down with useless information or keeping you
guessing with too little. Bro extracts hundreds of types of data from network
traffic in real time and helps you do faster incident response by giving you
easy access to actionable data. Helpful features such as Bro's unique connection
ID let you see all protocol activity in a given connection with just one click.
So you can resolve incidents up to 20 times faster. Bro was created by Corelight's
founders. Watch part 2 to see how easy it is to add the power of Bro to
your environment with Corelight.