The endpoint market has been hot for years. At one point, there were over 80 new endpoint vendors trying to displace the traditional anti-virus vendors. The endpoint security market was transitioning from endpoint protection to endpoint detection and response (EDR). EDR is all the rage, but do you really need one? While the endpoint market […]
We’ve been told for years that we don’t have enough data for security. Then we see the headlines and quotes… “Organizations must prepare for collecting, processing, analyzing, and acting upon terabytes of security data.” “All decisions about cybersecurity strategies, program priorities, investments, etc. should be made based upon analysis of real-time and historical data.” New […]
There are numerous security use cases where the integration of network packet data provides additional contextual information for better actionability. Free and open source packet capture tools do a great job capturing packets, but how do you collect, aggregate, and analyze that data at scale? Let’s start with a quick review of packet capture tools, […]
For decades, anyone analyzing network traffic concentrated on external network traffic, known as north-south traffic, through the perimeter via firewalls. Although firewalls evolved to better analyze this traffic, two primary trends emerged: 1) cloud adoption was causing the perimeter to become more porous, even to the point of extinction, and 2) as attackers gained sophistication, […]