Blog Posts
Security Analytics: Tracking Software Updates
This blog post presents an analytic for tracking software updates from official vendor locations.
• By Tim Shimeall
In Cybersecurity Engineering
Security Analytics: Tracking Proxy Bypass
This post describes how to track the amount of network traffic that is evading security proxies for services that such proxies are expected to cover.
• By Tim Shimeall
In Cybersecurity Engineering
Three Places to Start in Defending Against Ransomware
This blog post, the second of three dealing with ransomware and defending against it, covers three initial efforts that will make it more difficult for attackers and less costly to …
• By Tim Shimeall
In CERT/CC Vulnerabilities
Situational Awareness for Cyber Security Architecture: Tools for Monitoring and Response
Visibility into the activities within assets enables network security analysts to detect network compromises. Analysts monitor these activities directly on the device....
• By Tim Shimeall
In Situational Awareness
Network Traffic Analysis with SiLK: Profiling and Investigating Cyber Threats
Cyber threats are on the rise, making it vitally important to understand what's happening on our computer networks. But the massive amount of network traffic makes this job hard....
• By Paul Krystosek, Tim Shimeall, Nancy Ott
In Situational Awareness
Best Practices in Network Traffic Analysis: Three Perspectives
In July of this year, a major overseas shipping company had its U.S. operations disrupted by a ransomware attack, one of the latest attacks to disrupt the daily operation of …
• By Angela Horneman, Tim Shimeall, Timur Snoke
In Situational Awareness
Traffic Analysis for Network Security: Two Approaches for Going Beyond Network Flow Data
By the close of 2016, "Annual global IP traffic will pass the zettabyte ([ZB]; 1000 exabytes [EB]) threshold and will reach 2.3 ZBs per year by 2020" according to Cisco's …