netflow

Grand Rapids ISSA Deck

Charles Herring 18 October 2013

Thanks to the Grand Rapids chapter of the ISSA for hosting me today. My deck can be downloaded here.

Read more about Grand Rapids ISSA Deck

Shoe Bombers on the Network Part Three: Data Visibility

Charles Herring 17 August 2013

Applying the lessons on surveillance we learned from physical security in stopping the Shoe Bomber to network and informaiton security.

Read more about Shoe Bombers on the Network Part Three: Data Visibility

Evaluating NetFlow Tools for InfoSec

Charles Herring Sun, 07/21/2013 - 11:06

Using NetFlow for Information Security has some unique challenges that NETOPS tools don't have to deal with. I put Splunk head to head against StealthWatch and lay out methodolgies for testing other tools.

Read more about Evaluating NetFlow Tools for InfoSec

When Enforcement Doesn’t…

Charles Herring Thu, 06/13/2013 - 08:04

Don't trust your firewalls and NAC without validation. NetFlow is a great way to determine if they are doing what they are supposed to be doing (and alerting you when they are not.)

Read more about When Enforcement Doesn’t…

BSides Chicago Deck

Charles Herring Fri, 05/03/2013 - 13:44

Presentation deck for BSides Chicago 2013 and thanks to all.

Read more about BSides Chicago Deck

Network Security School of Fort Knox: Part 4

Charles Herring 30 August 2012

Figuring out what data sources are best suited for pervasive network surviellance can be tricky. In this fifth installment, we look at the pros and cons of packet capture and NetFlow.

Read more about Network Security School of Fort Knox: Part 4

Subscribe to netflow

Search

Grand Rapids ISSA Deck

Shoe Bombers on the Network Part Three: Data Visibility

Network Security School of Fort Knox: Part 4