Packets don't lie - Network Security Monitoring (NSM) for the masses
Prevention ultimately fails. With this uncomfortable premise, everyone gets breached. The circumstances for networks become grave when one looks at defending networks from the security 1% lens. According to Richard Bejtlich,
“assortment of people and organizations who have the personnel, processes, technology, and support to implement somewhat robust digital security programs, especially those with the detection and response capabilities and not just planning and resistance/”prevention” functions”
One of the methods to identify, process and gain visibility into a network is Network Security Monitoring(NSM).
In this talk, I will lay out ample reasons for implementing NSM in a network and the various ways to do it.
Q: Key Takeways
1. Why NSM matters
2. Implementing NSM in a network
Q: Who should attend?
1. Network administrators
2. InfoSec professionals
Where is my traffic going? And other tough questions of hybrid network monitoring
Modern application architectures have evolved networking beyond physical connections. IP addresses are no longer sufficient descriptors of components like virtual machines, containers, and cloud services. Effectively managing complex, distributed environments requires an understanding of how these components interact, which cannot be obtained with traditional network monitoring tools. more