Back in 2021 we introduced the integration between MISP, a community threat intelligence sharing platform, and Flowmon ADS. The integration turns indicators of compromise shared through MISP into actionable intelligence. Flowmon ADS automatically picks up the latest indicators of compromise using the MISP API and leverages them to detect adversary activities in the target network. The integration is available in Flowmon ADS 11.2 and newer versions. This way anyone can use community threat intelligence to report on malicious activities in the company environment.
Old network salts likely know all about network flows and the value of network flow monitoring. As former News Editor for Network World and Editor in Chief of Network Computing, network flows are part of my old stomping grounds. In fact, I remember when Cisco invented NetFlow in the late 1990s to collect traffic data from its routers and switches so it could be analyzed by network pros.
The network is the heart and soul of your IT infrastructure, and its performance defines the user experience. Key to ensuring this performance is spotting security issues that disrupt its workings. This blog discusses two interrelated approaches: network behavior analysis (NBA) and anomaly detection. In fact, NBA is encompassed within a good anomaly detection system (ADS).
Microsoft has long been a top, perhaps the top, cybercriminal target. Not only is its software ubiquitous, but many hackers just plain don't like the company. And perhaps most important, attacks on Microsoft give hackers one thing they seek most – publicity.