Forensic investigation of endpoints using NetFlow
This blog will go over how to use some of the features in Plixer Scrutinizer v19.0, such as the host index and IP groups...
All
General
How can I load balance my NetFlow traffic across multiple collectors?
Do you find that you are constantly modifying NetFlow configurations to balance collector workloads? The latest release of Scrutinizer introduces an option to load balance...
Tracking the SUNBURST exploit with metadata
Updated: 1/6/2021 On 12/13/20, cybersecurity company FireEye published research for the SUNBURST exploit, which is affecting companies using SolarWinds software. Since the news broke,...
Inspecting encrypted traffic with JA3 and JA3S fingerprinting
Two years ago, I wrote a blog about tracking malware in encrypted traffic. The overall theme of that blog was that encryption has become...
Plixer Scrutinizer new UI changes
With the newest release of version 19.0.0, I’d like to go over how Plixer Scrutinizer’s UI has changed to make finding data easier. There...
Detecting RDP attacks with NetFlow and metadata
An ever increasing attack vector in the healthcare industry are attacks against open or unsecured RDP connections that allow a bad actor to gain...
We’ve released our biggest update ever, plus two new products
One year ago, we announced our new vision. That is, we believe that SecOps and NetOps provide value for each other, and that value...
Slickwraps breach and metadata analysis
In a new series of blogs, we will go over some recent data breaches and how metadata analysis could have helped with the detection...
Top five VPN monitoring use cases
With the dramatic shift to work from home, Plixer has been working with people all over the globe to visualize VPN traffic in a...
Troubleshooting NetFlow over VPN tunnel
I was working with a customer last week who had configured NetFlow on four of their Cisco routers. They had applied basically the same...