Michael Patterson : Advanced NetFlow Traffic Analysis
Michael Patterson
Founder and Product manager for Plixer's Scrutinizer NetFlow and sFlow Analyzer as well as Flow Analytics.

Implementing the NIST Framework for Improving Cyber security

When reviewing or even building out an organizations cybersecurity infrastructure, the National Institute of Standards and Technology (NIST) offers a document that...

Full Story »

Jumping on the Cloud Bandwagon

More master agencies are claiming the cloud, so to speak. They are signing up cloud providers faster than the ink can...

Full Story »

Call Progress Analysis is Not the same as a Robo-Call

Robo-calls are making the news lately.  I even wrote a blog about them last year. We all hate getting those calls. While most...

Full Story »

Mitel Analyst Day 2017 Live Blog

Past live blog 2015. Here are the complete slides.8 am: CEO Rich McBee takes the stage. The company won’t overpay for a...

Full Story »

Yes, Bitcoins are Gold 2.0

We weren't too surprised to see that a bitcoin is now worth more than an ounce of gold... Coming in at a...

Full Story »

What's Going on at MWC 2017

I’ve been at Mobile World Congress one day so far.  5G is everywhere and around every corner and under every rock.  Can’t...

Full Story »

Yes, Fonality, I am Skeptical (of the VoIP Sector)

Apparently, one slightly snarky tweet and a single line item in Tidbits - "A head scratcher: Fonality got bought by Netfortis....

Full Story »

Implementing the NIST Framework for Improving Cyber security

March 11, 2017

When reviewing or even building out an organizations cybersecurity infrastructure, the National Institute of Standards and Technology (NIST) offers a document that can be a great place to start. The document is called the Cybersecurity Framework and provides a high-level, strategic view on the lifecycle of an organization’s management of risk.  It does not make security appliance or specific solution recommendations to detect, defend against or investigate cyber events. Instead, it is intended to guide the teams responsible for cybersecurity through the process of making sure systems are in place. 

Threat Investigations Suffering from Lack of Context

November 28, 2016

Pretty much all companies fall victim to cybercrime eventually.  Whether it is directly or indirectly, the cost varies depending on the industry. Energy and financial organizations suffer the most in comparison to the automotive and agricultural businesses.  The costs incurred however, are not always withdrawals from the corporate bank account or the loss of top secret plans.  Some might be surprised to learn that the significant costs are actually in the clean up with small organizations suffering the highest cost per enterprise seat.  Source: HP.com

A Massive Wave of Cybercrime Coming

September 29, 2016

Get ready for biggest year yet in cybercrime.  We have learned over the last few years that hackers have honed their penetration skills to the point that any targeted company can easily become a victim.  Most business owners have accepted that being connected to the Internet means that they can and probably will be compromised regardless of the defensive measures taken.  It is more than just a game of probability. 

DNS Firewall

June 4, 2016

I don’t think I’ve ever spoken with a company – at least that I can remember that didn’t have a firewall in place.  Cisco ASA (Fire Power), Palo Alto, Checkpoint and Fortinet seem to be the more popular ones.  Barracuda, SonicWALL and StormShield we hear about as well.  These systems do a relatively good job at protecting our internal jewels.  However, what I find missing in most solutions, is their ability to stop DNS tunneling and other tactics that abuse the DNS protocol.

Security Analytics - Network as a Sensor

April 4, 2016

Security is going through an evolution in IT. The new assumption is that some malware will make it onto the network. This forces the security team to consider the actions they will need to take when following up on an event.  What details will they want access to? What devices on the network gather this information? How will they want to display it?

Cisco Cyber Threat Defense : 4 Tell-Tale Signs of Data Exfiltration

March 19, 2016

A potential threat could come from anywhere at any-time and it doesn’t have to start from the Internet.  Many threats are initiated internally by infected handhelds and laptop devices which walk right past the firewall.  Anti-virus has become nearly ineffective against targeted threats.  Even next generation firewalls aren't stopping the outbound connections created by unwanted data exfiltration. 

Phishing Attack Training

January 13, 2016

If you are being repeatedly targeted by a phishing attack, chances are you will eventually click. And if you end up infected, often times your computer will show no obvious signs of the virus or bot. What can you do?

Cisco nvzFlow Reporting

December 22, 2015

There has been lots of excitement this week at our company since the release of Cisco’s nvzFlow.  Companies which utilize the Cisco ASA for VPN access have the option to upgrade to AnyConnect 4.2.  With this latest release admins can configure remote users to export IPFIX right from their laptops to the flow collector for real time and future analysis.

 

Splunk NetFlow Support : Vendor Comparison

November 10, 2015

You are in luck because you have several options to get Splunk NetFlow support.  I know of three however, there are probably more. This post will list them all and discuss the benefits of each.

Software Defined Network: 8 BIG Benefits

October 23, 2015

Are you looking to get up to speed on the benefits of a Software Defined Network? This post will save you some time by providing 8 areas where SDNs promise to deliver.  It will also provide you with a few links where you can learn even more about the technology.

1 2 3 4 5 6 Next
Featured Events