Network traffic analysis for incident response

October 5, 2020 | Nitesh Malviya | Firewalls and IDS/IPS | A typical corporate network makes use of a number of networking devices and mechanisms for preventing various attacks and maintaining the security of their...

April 7, 2020 | Fakhar Imam | Network traffic analysis for IR: Data exfiltration | Understanding network behavior is a prerequisite for developing effective incident detection and response capabilities. ESG research has found that 87 percent...

March 9, 2020 | Lester Obbayi | Network traffic analysis for IR: Basic protocols in networking | In this article, we’ll discuss some of the basic protocols that are commonly used in computer networking. A good understanding of computer networking is...

March 2, 2020 | Lester Obbayi | Network traffic analysis for IR: Introduction to networking | Computer networking is one of the most important skills that incident responders are required to have. Analyzing network traffic as an incident responder is...

February 25, 2020 | Fakhar Imam | Network Traffic Analysis for IR — Discovering RATs | A Remote Access Trojan (RAT) is part of the malware family. It enables covert surveillance, a backdoor channel and unfettered and unauthorized remote access...

February 19, 2020 | Fakhar Imam | Network traffic analysis for IR: Analyzing IoT attacks | The Internet of Things (IoT) incorporates everything from tiny sensors and devices to huge structures like cloud computing. IoT includes the major networks...

February 11, 2020 | Howard Poston | Network Traffic Analysis for IR: TFTP with Wireshark | The Trivial File Transfer Protocol (TFTP) is designed to provide a bare-bones method of sending data from a server to a client. Its main use is for firmware...

January 30, 2020 | Howard Poston | Network Traffic Analysis for IR: SSH Protocol with Wireshark | The Secure Shell (SSH) is designed to allow confidential and authenticated remote access to a computer. Like the Telnet protocol, it enables a user to remotely...

January 29, 2020 | Fakhar Imam | Network traffic analysis for IR: Analyzing DDoS attacks | Distributed Denial-of-Service (DDoS) attacks are one of the powerful cyber weapons threat actors use today. We often hear about a website being “brought...

January 28, 2020 | Howard Poston | Wireshark for Incident Response 101 | Wireshark is a freely available tool for network traffic analysis. It can be used to either analyze saved packet capture files or perform live traffic capture...