Continuous security monitoring: Learning from the Feds

Monitoring Network Traffic and Network Forensics

  • Enterprise network security visibility: Beyond traditional defenses

    Organizations have implemented various network security technologies to gain better visibility into their networks. However, these security technologies place an increased demand on the network. This TechGuide explores how to improve network security... 

  • Unified Communications Forensics: Anatomy of Common UC Attacks

    In this excerpt from Unified Communications Forensics, learn how hackers gain access into UC systems and how to scan the network for vulnerabilities. 

  • Improving security management processes with SIEM

    This Security School will explain the best means for an organization to effectively analyze SIM data, how to improve SIM collection, set reasonable goals for these tools and how to get the best data in order to improve incident response, change manag... 

  • Using SIM for threat monitoring

    From a security perspective, it is challenging to keep ahead of the constantly evolving enterprise threat landscape. Security information and event management (SIEM) systems, however, can be a vital component of an enterprise’s threat mitigation arse... 

  • Network Forensics: Tracking Hackers through Cyberspace

    Authors Sherri Davidoff and Jonathan Ham discuss the benefits of Web proxies and caching for forensic analysts in this chapter excerpt from their co-authored book, Network Forensics: Tracking Hackers through Cyberspace. 

  • Introduction to IDS IPS: Network intrusion detection system basics

    This one-page guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, acts as an introduction to both IDS and network intrusion prevention system (IPS) technology. Here, security professionals will learn how to determine which IDS/IP... 

  • Securing DNS

    In this Security School lesson, learn the myriad threats to DNS security including cache poisoning and denial of service attacks, IP spoofing, footprinting and redirection attacks. 

  • Security School: Security event log analysis

    Learn valuable techniques for sifting through logs to find legitimate security events you need to analyze and respond to before they negatively affect your organization’s bottom line. 

  • Security event log analysis

    Learn valuable techniques for sifting through logs to find legitimate security events you need to analyze and respond to before they negatively affect your organization’s bottom line. 

  • Quiz: How DAM can help detect and trace attacks

    Take this five-question quiz to reinforce your knowledge of how DAM can help enterprises gain new visibility into their databases to help detect and trace potential attacks. 

  • Chained Exploits: How to prevent phishing attacks from corporate spies

    Ever wonder if someone is monitoring everywhere you go on the Internet? In this chapter excerpt from Chained Exploits: Advanced Hacking Attacks from Start to Finish, learn how to keep corporate spies at bay. 

  • computer forensics (cyber forensics)

    Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. 

  • network behavior analysis (NBA)

    Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or departures from normal operation...

  • snoop server

    A snoop server is a server that uses a packet sniffer program to capture network traffic for analysis. 

  • promiscuous mode

    In a network, promiscuous mode allows a network device to intercept and read each network packet that arrives in its entirety. This mode of operation is sometimes given to a network snoop server that captures and saves all packets for analysis (for ... 

  • footprinting

    In the study of DNA, footprinting is the method used to identify the nucleic acid sequence that binds with proteins. 

  • network forensics

    Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents. 

  • information signature

    To fight terrorism, the Information Awareness Office (IAO) of the U.S. Defense Advanced Research Projects Agency (DARPA) is planning to develop a system that uses a super database of recorded online transactions and analytical programming that will i... 

  • inverse mapping

    Inverse mapping is a procedure used to create associations between real or virtual objects that involves some type of reversal of another process or concept. 

  • bridge

    In telecommunication networks, a bridge is a product that connects a local area network (LAN) to another local area network that uses the same protocol (for example, Ethernet or token ring). 

  • probe

    In telecommunications generally, a probe is an action taken or an object used for the purpose of learning something about the state of the network. 

About Monitoring Network Traffic and Network Forensics

Get tips and information on network forensics, monitoring network traffic and traffic analysis through traffic monitoring tools and software, and discover how the technologies can help expose potential hacker threats and vulnerabilities and identify strange traffic patterns.