Processing IOCs in the StealthWatch System

Threat data contained in Indicators of Compromise (IOC) can be applied against the data stored in StealthWatch to look for markers of historical breach. This entry outlines the steps in performing this analysis.

Spear Phish Detection and Response

The difficulty in controlling user behavior makes spear phishing a "no-brainer" for attackers. Network surviellance can detect the attack at different parts of the kill chain.

Has APT1 Been Eating My Porridge?

NetFlow when effectively stored makes a great basis for analyzing indicators of compromise (IOC) like those provided in Mandiant's APT1 report.

IOC

Processing IOCs in the StealthWatch System

Spear Phish Detection and Response

Has APT1 Been Eating My Porridge?

Follow Charles

Email Notifications

Recent blog posts

Tags

Search form

Follow Charles

Email Notifications

Tags