Month: October 2014

On decreasing incident response time

Original Entry by : Boni Bruno

Seems like security incidents are occurring more often with mild to significant impact on consumers and various organizations, such as Target and Sony.

Referring to the Verizon Data Breach Report year after year confirms that incident response times to such incidents are increasing, rather than decreasing, with root cause identification of the problems not occurring for months after the security incident in many cases. This can cause a pessimistic view among many security teams, however, there are a lot of good things happening in the security space that I want to share with you.

Continue reading “On decreasing incident response time”

User and device attribution comes to EndaceVision: Empowering network and security incident analysis

Original Entry by : Barry Shaw

We’ve all heard that the application is now the network. This paradigm shift moved us from the simple port-based definition of applications that was prevalent up until the end of the last decade, to the more awkward reality that applications are much more complex and no longer conformed to such a simple scheme. For network operators, understanding the applications on the networks was paramount and Endace responded to this by incorporating deep packet inspection (DPI) technology into its EndaceProbeTM Network Recorders in 2012.

Continue reading “User and device attribution comes to EndaceVision: Empowering network and security incident analysis”