RSA NetWitness: An Anatomy Of An Attack

Here is a post from my friend Aamir Lakhani’s blog about RSA NetWitness. The original can be found at Cloud Centrics ( Really good post on NetWitness.

RSA NetWitness

RSA NetWitness is a unique solution that captures, store and analyze network data traffic. This gives you the able to see exactly what comes in and goes out of the network in real time . In simple terms, RSA offers to you a Network CCTV. Not only that, NetWitness also allows you to see the traffic in action as it reconstructs the data that flows through the network into its original format according to its own type or application. This helps you strengthen your security measures by taking appropriate action. On top of that, since all traffic is captured and stored, you will be able to go back to a particular period of time and conduct historical data analysis. Nothing escapes undetected. Continue reading

VN:F [1.9.22_1171]
Rating: 5.0/5 (2 votes cast)

Defending Against Distributed Denial Of Services DDoS Attacks

DDoSIf you are internet facing, you are vulnerable to Distributed Denial of Services or DDoS attacks. Attacking network services is on the rise as the price for computing power decreases and people become more dependent on technology. Studies from leading service providers show DDoS attacks have grown from 9 to 500 Gbps in the last five years. Botnets are becoming an underground commodity that can be rented for as low as 10 dollars an hour to launch strategic DDoS attacks. Governments are investing in military strategies based on the ability to interrupt enemy computer services through targeted DDoS attacks. These attacks are indeed a weapon of mass disruption. Continue reading

VN:F [1.9.22_1171]
Rating: 3.5/5 (2 votes cast)

Test The Strength Of Your Security

securityMany agencies spend millions on security each year. Security investments range from firewalls to contractors, which spending is typically based on weighing risk of loss against cost to protect. Sometimes it’s difficult to evaluate the return on investment for security since the desired end result is not being compromised rather than a particular outcome that can be measured. Studies show regardless of the level of spending for security, the majority of IT management doesn’t know how effective their defenses are against today’s threat landscape. Here are some ways to evaluate the strength of your security. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

What Malicious Traffic Is On Your Network? Use Free Tools To Find Out : Wireshark and NetWitness

Wireshark NetWitnessHow secure is your home or corporate network? Many administrators believe they are protected behind layers of security solutions such as firewalls, IPS/IDS appliances, endpoint security products, content filters, SIEMs, etc. Regardless of your investment in security technology there will always be risk, which dramatically increases as soon as people are included in the equation. One way to verify your risk level is to become the hunter rather than hunted by scanning all traffic on your network for malicious behavior. You may be surprised to find an unpatched server leaking sensitive information through hidden ports or bots hidden on your personal computer phoning home in the middle of the night! Continue reading

VN:F [1.9.22_1171]
Rating: 3.8/5 (5 votes cast)