-
Betting the house on network anomaly detection systems
In this month’s Information Security magazine, learn what you need to know about network anomaly detection systems, as well as deploying safer virtual LANs (VLANs), and the importance of making a testbed. Read product reviews of Trustgenix's IdentityBridg... E-Zine
-
Security visibility: Honestly assessing security posture
Test your knowledge of Aaron Turner’s course on improving enterprise security visibility in this five-question quiz. Quiz
-
Security event log analysis
Learn valuable techniques for sifting through logs to find legitimate security events you need to analyze and respond to before they negatively affect your organization’s bottom line. Part of a guide series
-
Honeynet security consoles and honeypot legal issues
Find out more about the honeypot legal issues in this excerpt from "Know your enemy: Learning about security threats." Chapter excerpt
-
How to avoid federal Wiretap Act issues with a honeypot network security system
Hackers have rights, too. How can you deploy honeypots without running afoul of the law? Feature
-
Honeypot technology: How honeypots work in the enterprise
The founder of the Honeynet Project explains how honeypots work and how they complement other technologies. Feature
-
Research highlights speed, frequency of ICS security attacks
A new Trend Micro study using honeypots for research highlights an alarming number and variety of attempted ICS security breaches. News | 20 Mar 2013
-
Botnet infections in the enterprise have experts advocating less automation
Having skilled IT pros closely monitoring intrusion prevention systems to investigate network traffic anomalies can reduce infections, experts say. News | 02 Jul 2012
-
Next generation SIEM could boost network visibility, but platforms must scale, experts say
Can security information and event management systems be the foundation for comprehensive IT data analytics? Powerful correlation engines and sharper analytical capabilities are forthcoming, analysts say. News | 01 Nov 2011
-
Startup launches botnet detection, IP reputation services
ipTrust debuted its new botnet detection service and IP address reputation capabilities. News | 29 Oct 2010
-
Balancing security, business case for consumer products in enterprise
Security managers looking to curb their network risks struggle with employees' desire to use consumer-oriented devices and services like smartphones, USB drives and social media. Article | 03 Mar 2010
-
Sourcefire, Nmap deal to open vulnerability scanning
Sourcefire and Insecure.org have inked an agreement to develop open source vulnerability scanning tools based on Insecure's Nmap scripting engine. Article | 23 May 2007
-
Sourcefire expands strategy in effort to leverage its network real estate
Sourcefire has announced plans to expand its overall product strategy to span network access control, intrusion prevention, network behavior anomaly detection and post-admission network access control under the Enterprise Threat Management banner. Column | 19 Apr 2007
-
Extensive coverage in a single box
McAfee's IntruShield 3000 leverages high port density and Virtual IPS technology to greatly extend network detection capabilities. Article | 02 Jun 2006
-
Hybrid honeypots 'shadow' intrusion prevention systems
The new technology improves anomaly detection accuracy and relieves some of the headaches with current IPS and IDS tools. But it has its shortcomings. Article | 10 Aug 2005
-
SIEM best practices for advanced attack detection
SIEM struggles are common, but Mike Rothman explains why SIEM products are critical for advanced attack detection, and offers a SIEM tuning step-by-step. Tip
-
The case for using anomaly-based monitoring in zero-day detection
Expert Char Sample explains how anomaly-based monitoring may be a key step forward in uncovering zero-day vulnerabilities. Tip
-
P0f: A free collection of passive OS fingerprinting tools
In this screencast, learn how to use p0f, a collection of free passive OS fingerprinting tools. Tip
-
Honeypots for network security: How to track attackers' activity
Honeypots have long been used to track attackers' activity and defend against coming threats. In this tip, network security expert Anand Sastry describes the different types of honeypots and which is best for your enterprise. Tip
-
Use BotHunter for botnet detection
Got bots? Hopefully not, but how can you be sure? Learn about botnet detection with the help of a free tool, BotHunter. This can keep your computers from participating in a botnet and subsequently leaking data. Tip
-
Combining NetFlow analysis with security information management systems
NetFlow, Tom Bowers writes, when used in conjunction with SIMs and correlated with data from other devices and layers, can be an indispensable combination. Tip
-
Security information management finally arrives, thanks to enhanced features
Integrating all varieties of security information onto one dashboard is a compelling idea, but SIM products have often missed the mark. That, however, may be changing. In this tip, Mike Rothman reveals how network-behavior analysis and log management... Tip
-
The key technologies in a network perimeter intrusion defense strategy
This article lays the groundwork for future discussions of intrusion defense. Joel Snyder introduces technologies that act as strong network perimeter defenses. Tip
-
IDS: Signature versus anomaly detection
Learn the strengths and weaknesses of signature and anomaly detection, and how the two detection methods complement each other. Tip
-
Ain't misbehavin': Security tools watch behavior to stop new threats
Robert Scheier takes a look at behavior-based and signature-based security tools. Tip
-
Virtualized behavior-based monitoring: Improving performance visibility
Learn about virtual behavior-based monitoring tactics, which allow for easy anomaly detection and can help defend a virtualization infrastructure. Answer
-
Can honeypots for network security detect a P2P botnet?
Honeypots can be a great network security tool, but are they capable of detecting a P2P botnet? In this expert response, Nick Lewis details how and what kind of threats a honeypot can identify. Ask the Expert
-
What are the top three network intrusion techniques?
Nick Lewis reviews the top three technologies used by hackers to cover their tracks after a network intrusion. Ask the Expert
-
Is centralized logging worth all the effort?
Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a centralized logging infrastructure. Ask the Expert
-
How helpful is the centralized logging of network flow data?
Network security expert Mike Chapple strongly recommends network flow logging as part of a well-rounded security program. There are two common pitfalls, however, that infosec professionals need to look out for. Ask the Expert
-
Can reputation services be applied to network security?
Reputation scores can be used to block spam, but can these services be applied to the security of the network? In this expert Q&A, Mike Chapple reveals which products are on the horizon. Ask the Expert
-
Can network behavior anomaly detection (NBAD) products stop rootkits?
There are plenty of network-based products that use packet and connection rates to detect rootkits and other malware. In this SearchSecurity.com Q&A, information security threats expert Ed Skoudis reviews which products, as well as Internet-based pro... Ask the Expert
-
Are honeypots safe to implement in a router?
Honeypots are useful ways to study malicious hackers and their methods. In our expert Q&A, network security expert Mike Chapple warns users to leave honeypot implementation to the pros. Ask the Expert
-
How to protect against port scans
A port scan is a popular hacking tool that allows attackers to gather information about how your network operates. Learn how to detect and prevent a port scan in this platform security Ask the Expert Q&A. Ask the Expert
-
How to detect an unauthorized OS on a network
Ask the Expert
-
network behavior analysis (NBA)
Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or departures from normal operation... (Continued) Definition
-
nonce (number used once or number once)
A nonce, in information technology, is a number generated for a specific use, such as session authentication. Definition
-
network behavior anomaly detection (NBAD)
Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends... (Continued) Definition
-
Threat detection taxonomy: Anomaly detection methods in the enterprise
Video: Diana Kelley offers an enterprise threat detection taxonomy and the pros and cons of the various anomaly detection methods. Video
-
Amit Yoran on 'big data' security analytics, threat intelligence
Amit Yoran of RSA NetWitness discusses 'big data' security analytics, threat intelligence and network security monitoring with News Director Rob Westervelt. Video
-
File integrity monitoring software benefits for the enterprise
In this video, Spyro Malaspinas offers a primer on file integrity software basics and file integrity monitoring software benefits for enterprises. Video
About Network Behavior Anomaly Detection (NBAD)
Get advice on network behavior anomaly detection (NBAD) and learn about honeypots and other tools and techniques for identifying rogue network data, analyzing network traffic and exposing hacker activities.