Beyond Walls: Modern Security Detection
Our walls of security prevention are actually being surmounted every day – we just don’t always know it
Sep. 10, 2016 03:00 PM
Our walls of security prevention are actually being surmounted every day - we just don't always know it. Assaults from within the network, as well as zero-day threats, are driving new types of solutions referred to as "advanced threat detection" (ATD). ATD adds real-time packet capture and analysis to the monitoring of logs and NetFlow information, and records packet capture data for near-real-time and post-analysis. By analyzing data traffic, it is possible to build a profile of normal network behavior that can then be compared against real-time or recorded data to detect anomalies. The resulting alerts can be compared against data from security prevention solutions to assess whether an attack is underway. Conversely, the same comparison can be used to identify "false positives."
The foundation for solutions like this is continuous monitoring and analysis, not just of logs and NetFlow data but of packets. Packet capture and network traffic analysis therefore underpin security detection solutions, which makes an efficient, reliable detection infrastructure paramount.
Here are a few suggestions for what to demand of your detection infrastructure:
Attacks from within and internal vulnerabilities that no one could have dreamed of until recently now dictate a new strategy. A combined approach that captures all network data, continuously monitors it and uses automated tools to correlate alerts will provide the security detection and prevention that walls alone no longer can.
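The profile-then-compare approach described in this article, as an added Python example that is not from the original post: it learns per-host traffic volume and ports from constructed flow records, flags deviations in a new interval, and checks each alert against hosts logged by the prevention layer. The record layout, thresholds and labels are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

def build_profile(flows):
    """Learn per-host normal behaviour from (interval, src, dst_port, bytes) records."""
    volume = defaultdict(lambda: defaultdict(int))   # src -> interval -> bytes
    ports = defaultdict(set)                          # src -> destination ports seen
    for interval, src, port, nbytes in flows:
        volume[src][interval] += nbytes
        ports[src].add(port)
    return {src: {"mean": mean(v.values()), "std": pstdev(v.values()),
                  "ports": ports[src]} for src, v in volume.items()}

def detect(profile, flows, z_limit=3.0):
    """Compare one interval of new flows to the profile; return sorted (src, reason)."""
    volume, alerts = defaultdict(int), set()
    for _, src, port, nbytes in flows:
        volume[src] += nbytes
        if src not in profile:
            alerts.add((src, "unknown-host"))
        elif port not in profile[src]["ports"]:
            alerts.add((src, f"new-port-{port}"))
    for src, total in volume.items():
        p = profile.get(src)
        # Assumed floor of 10% of the mean so a perfectly flat baseline still has slack.
        if p and total > p["mean"] + z_limit * max(p["std"], 0.1 * p["mean"]):
            alerts.add((src, "volume-spike"))
    return sorted(alerts)

def correlate(alerts, prevention_hosts):
    """Label each anomaly by whether the prevention layer also logged that host."""
    return {a: ("corroborated" if a[0] in prevention_hosts else "uncorroborated")
            for a in alerts}

# Constructed sample data (not real traffic): three baseline intervals, one live one.
BASELINE = [(i, "10.0.0.5", 443, 1000 + 50 * i) for i in range(3)] + \
           [(i, "10.0.0.9", 53, 200) for i in range(3)]
LIVE = [(3, "10.0.0.5", 443, 1100), (3, "10.0.0.9", 53, 90000),
        (3, "10.0.0.9", 4444, 300), (3, "10.0.0.7", 22, 500)]
PREVENTION_HOSTS = {"10.0.0.9"}   # hosts seen in firewall/IPS events (constructed)

if __name__ == "__main__":
    found = detect(build_profile(BASELINE), LIVE)
    for alert, label in correlate(found, PREVENTION_HOSTS).items():
        print(alert, label)
```

Uncorroborated alerts are the ones to triage by hand: they are either false positives or activity the prevention layer did not see.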