Checklist for Network Security Monitoring (NSM) for On-premise, Data Centers and Cloud set-ups
This checklist was developed from the Birds of Feather (BOF) session on Tooling for NSM held on 15 June 2021 under the Anomalous Network Detection Patterns p…
Observability, anomaly detection and deep defense form the cycle for early detection of attacks and network breaches.
Speakers from the FreeBSD community, CRED, AWS, Datadog, Farsight Securities and other organizations will share their experiences with processes and tools for tightening the loops of network security and anomaly detection, and how to build robust observability workflows.
The conference will cover topics ranging from:
- Network Security Monitoring (NSM)
- Unified approach to observability
- VPN connectivity and unusual traffic patterns
- Response Policy Zones (RPZ)
- Network behaviour analysis and early indicators of attack
The conference is open to the following practitioners:
- SRE teams.
- Observability geeks.
- Engineers who work with Cloud infrastructure.
- Network security engineers.
- DevSecOps teams and practitioners.
See the schedule at https://hasgeek.com/rootconf/detecting-anomalous-network-patterns/schedule
Advanced Anomaly Detection Systems for Transactions and Network flows
India holds the record for having the highest number of digital transactions annually. VuNet is a major Indian player in this, helping several prominent banks through AI driven monitoring of their payment transaction flows and network infrastructure to improve the user experience. Through our flagship product, vuSmartMaps, we have been rigorously analysing millions of transactions, applications, and network traffic, by collecting, analysing and correlating terabytes of telemetry across their transaction logs, application and system logs and network traffic details to detect and correct failures in real time.
We have extensive experience in analysing various logs and multivariate time series data at scale. Building on this, we have developed a unique approach to anomalies: capturing both transaction anomalies and network anomalies, proactively catching failure incidents, and accelerating root cause analysis through advanced correlation mechanisms. We are also extending the anomaly detection systems to our customer’s network systems to identify spurious network traffic by baselining user and branch network behaviour.
Monitoring more than 2.5 Billion transactions a month across 10K+ network nodes, our anomaly systems have become robust over time to discern various time series patterns from seasonal, multimodal, and sudden spikes. They have been tested against global benchmarks with demonstrated superior results and are constantly enhanced with user feedback loops.
In our talk, we will share our experience around the challenges of varied time series data, and a novel way of building anomaly systems and applying them to real-world noisy data at scale.