NetFlow is a powerful tool for answering post-compromise questions, in this case, the RCE vulnerability affecting NetScaler (formerly Citrix) Application Delivery Controller (ADC) and NetScaler Gateway (CVE-2023-3519).
Our Netography Fusion® platform now enables customers to leverage data collected by your SentinelOne agents to accelerate their investigation, incident response, and policy enforcement within the Fusion platform.
As networks are atomizing they are becoming more difficult to protect with the standard methods. In our latest blog, Martin Roesch describes the where, when, what, and how of these network traffic monitoring and security…
Netography now integrates with Wiz to accelerate and simplify detection and mitigation of malicious activity targeting cloud assets. A true “better together” partnership and we remain proud to be part of the Wiz Integration (WIN)…
Netography has been issued two patents with broad claim coverage in our core focus area of creating a defense platform for cloud and on-prem networks. Co-founder Barrett Lyon writes more about the patents and Netography’s…
Last week Branden Wagner of Mercury and Martin Roesch of Netography discussed the urgency of effective network monitoring and security in current complex infrastructures -- and much more.
Martin Roesch explains why Netography believes situational awareness vs. pure inspection for threat detection is fundamentally different and a better approach for the Atomized Network.
In the past, the focus has been on threat detection to prevent attacks, but in the modern Atomized Network it becomes impossible to guard against everything. Instead there should be a focus on compromise detection…
SOC teams always feel like they are having to play catch-up on detections, because without the ability to add criticality and context to devices, all devices are considered equal- causing wasted time searching for additional…
The Netography Threat Research Team has updated several new detection models to improve efficacy for customers, as well as NDMs for post compromise to use generated intelligence and to look for activity on high port…
The Netography Threat Research Team has released its latest updates to monitor outbound traffic for the allowed usage of cleartext protocols. There are also new alerts for post compromise to monitor internal IP actions for…
“The network is slow”. Years ago, a network operations manager would have relied on packet captures to solve this, but now networks are dynamic, encrypted, ephemeral, and diverse and require new tools to gain a…
