Clarifying Technical Obfuscation

Tag: Zeek

Probable compromise: An investigative approach for encrypted network traffic

Network encryption is a game changer for security teams as it makes it more difficult to identify malicious traffic. It may even paralyze some people and cause others to dismiss network security monitoring altogether.

But does it have to be this way? During a recent SANS webcast entitled "Alternative Network Visibility Strategies for an Encrypted World" that hosted Zeek/Bro experts, Matt Bromiley said, “(Encryption) just means I have to change my analysis techniques and change the way I approach these particular datasets as well.”


© 2021 Dallin Warne
