Monitoring News, Articles and Updates

Will IETF proposal be the end of enterprise middlebox traffic snooping?

Is the ability to effectively bypass monitoring middleboxes is a good thing, both for the enterprise and more broadly network security?

Don't be tomorrow's news - use machine data to protect PII pre-GDPR

Using machine data to monitor staff behaviours can identify potential PII breaches before they happen and avoid the huge fines that would follow once GDPR comes into effect says Matthias Maier

Trapping to hunting: intelligent analysis of anomalies to detect compromises

One of the goals of Breach Detection Systems is to provide the most effective automated detection with minimal false positives, because excessive false positives cause "fatigue" in the incident responder explains Dr. Giovanni Vigna

Threat hunting? Ditch the SIEM and use the principles of Big Data

The human is the most essential part of any security programme and they need frictionless ways to work with data, be more productive, secure their environments, and apply their own methods to their tools says Josh Mayfield.

EU says prior permission required to monitor staff electronic communications

Organisations will have to ask permission first before being allowed to conduct electronic monitoring of staff.

Insider threat: Employees at the heart of companies' data security

Firms need to evaluate their security procedures around flexible working now, before it leads to a damaging data breach says Jean-Frederic Karcher.

Top 10 cyber-weapons; weaponised IT the preferred attack vehicle once inside

Top ten hacker tools identified - misuse of legitimate tools dominates inside the network.

Don't underestimate the idiots - monitoring behaviour on your network

How do we spot anomalous system behaviour on our networks that indicates a security breach? That was the theme of last week's SC Magazine UK roundtable aboard HMS President, sponsored by Splunk.

How to find a 'Super Hacker'

Anomaly-based detection, rather than signatures or threat intelligence, is more likely to detect nation-state and advanced criminal 'Super Hackers' before they can gain a significant foothold on networks says Peter Cohen.

Faster security understanding with visualisation

Passive inspection is too slow in today's interconnected, data-rich IT environments, says Thibault Reuille.

Look beyond the darknet to manage supply chain risk

Vetting staff and contractors, including what they are saying on the internet and the darknet, is vital to protecting your company, says Tim Ramsey.

'The best defence is a good offence' in evolving security, networking market

Dieter Lott discusses the security and networking solutions market and how organisations should be adopting a new proactive approach to security breaches given that IT infrastructure is in a constant state of change.

Living with the enemy

Preference for technical solutions, rather than organisational change is resulting in over-investment in stopping cyber-attacks rather than detecting attacks and defending data says James Henry.

Alert fatigue: When your security system cries 'wolf.'

Too many false positives inevitably reduce response times - and even response numbers - so raise the verification bar and thereby limit them says Chandra Sekar.

Network visibility can prevent you from being the next cyber-security headline

Better understand what's happening on your network and you'll be better prepared to tackle hostile intruders says Corey Nachreiner.

The true cost of false positives

Implement a structured response with automated systems to bring down the cost of chasing false positives says Brian Foster.

How does PCI DSS 3.0 affect you?

Suspicious activity now needs to be monitored in the entire processing chain, hence implementing PCI DSS 3.0 helps stop attacks before compromises occur says Ross Brewer.

Sound and webcam loggers

Every sensor has the potential to be used for malicious logging - and anti-virus based systems aren't an effective defence says Janusz Siemienowicz who adovcates monitoring of behaviour.

Guarding against insider misuse

Track and audit changes on the network, especially by privileged users, and make it known that monitoring happens in order to reduce misuse says Michael Fimin.

More questions than answers as BBC outage fuels DDoS talk

The British Broadcasting Corporation was hit by a prolonged outage on its website and iPlayer video-on-demand service (VOD) last weekend, raising questions about the cause and whether it was subjected to a distributed-denial-of-service (DDoS) attack.

Queen's website hosts controversial tracking technique

Advertising tracking called 'canvas fingerprinting' is used on many websites and identifies unique individuals and their browsing habits and works surreptitiously.

The top 8 ways that privileged accounts are exploited

Failure to properly monitor and update privileged access is a key vulnerability and Chris Stoneff highlights the leading weaknesses.

Using analytics to secure your network

Knowing what's normal on the network will help identify attacks says Dirk Paessler

Monitoring the modern network environment

Importance of network visibility increases as complexity of modern enterprise networks increases: Enterprise Strategy Group survey.

Security and legal professionals claim 24-hour breach notification will not be a complete burden

The proposed 24-hour breach notification law will be a challenge for smaller businesses, but not for enterprises.

Report claims that German police are using commercial spyware

The German police have been reported to be using an intrusion software kit with the capability to monitor and record conversations.

NetWrix launches digital surveillance tool

A tool that records user activity for security, compliance, audit and troubleshooting has been launched by NetWrix.