Evaluating NetFlow Tools for InfoSec Charles Herring

Using NetFlow for Information Security has some unique challenges that NETOPS tools don't have to deal with. I put Splunk head to head against StealthWatch and lay out methodolgies for testing other tools.

When Enforcement Doesn’t… Charles Herring

Don't trust your firewalls and NAC without validation. NetFlow is a great way to determine if they are doing what they are supposed to be doing (and alerting you when they are not.)

BSides Chicago Deck Charles Herring

Presentation deck for BSides Chicago 2013 and thanks to all.

Subscribe to netflow