12.12.18
TCP vs. HTTP
What's the difference between TCP and HTTP? How do they both work, and how do they work together? Read the blog for definitions of both protocols as well as a breakdown of what makes them different.
Zoltan Talaber
11.28.18
A Case Study for Modern Threat Hunting
Cyber security experts are in high demand but many so-called threat hunters begin as network engineers, admins, or analysts who are thrown into the deep end without much security training or experience. If that's you, read this step-by-step case study to learn the basics of confirming and investigating a breach using wire data.
Adam Hebert
11.27.18
The Trouble with Going Native
Public cloud vendors have no choice but to take security seriously - but even the Big Two (AWS and Azure) are still cloud vendors, not security vendors. Here's a breakdown of what cloud-native security really means for the consumer.
Eric Thomas
11.7.18
Reveal(x) Feature Short: Signal Metrics
Watch this 3-minute video to see how the unique Signal Metrics feature in Reveal(x) highlights behaviors that could be impacting your security posture and reducing your hygiene and compliance so you can quickly act on these potential vulnerabilities.
Chase Snyder
11.5.18
How To Detect That Hadoop/YARN DemonBot Exploit That's Going Around
A new 'DemonBot' is exploiting remote code execution in Hadoop YARN to build a huge botnet, but the possibility of data theft via this exploit also looms large. Here's how to detect it quickly.
Matt Cauthorn
10.31.18
Reveal(x) Feature Short: Threat Intelligence
Watch this 3-minute video to see how you can use ExtraHop Reveal(x), network traffic analysis for the enterprise, to quickly investigate suspicious communications identified by third party threat intelligence feeds using STIX files.
Chase Snyder
10.25.18
Five Reasons You Need to Decrypt Traffic for SecOps Analysis
Why is decryption crucial for SecOps analysis, especially for the growing enterprise security category of Network Traffic Analysis (NTA)? Watch the video or read the deep dive blog to learn about specific attack behaviors that cannot be detected without full decryption capabilities.
Chase Snyder
10.15.18
Reveal(x) Feature Short: Investigation
Watch this 3-minute video to see the full Reveal(x) investigation workflow and learn how SecOps can use network traffic analysis to go from high level threat intelligence to the actual contents of suspicious packets in a matter of minutes.
Chase Snyder
10.5.18
Network Traffic Analysis for Enterprise Security
Watch this 6 minute video to prep for Gartner's upcoming Network Traffic Analysis Market Guide by learning exactly what NTA for the enterprise means and which capabilities are required to be a truly best-of-breed product in this category.
Chase Snyder
10.3.18
What Is Perfect Forward Secrecy?
Learn why Perfect Forward Secrecy is more important than ever, and how IT Ops and SecOps must work together to improve cyber security without losing visibility.
Jaq Evans
9.19.18
Containers & Microservices: Definitions, Examples, & Visual Aids
What are containers? What are microservices? What major benefit do many companies fail to take advantage of when they use microservices? Watch the video to find out!
Jaq Evans
9.18.18
DDoS Protection Primer: Types and Mitigation Explained
Get to know the latest about DDoS attacks by learning about attack types, mitigation strategies, and how to protect your website.
Chase Snyder
6.21.18
Is AIOps a Buzzword You Need to Care About?
What is AIOps, why is Gartner talking about it, and why should you care?
Jaq Evans
6.19.18
TCP Windowing: What Is It, Scaling and Tips for 2018
What is TCP windowing, and how can you scale effectively and solve congestion problems and other issues? Read the blog to find out, updated for 2018!
Christine Shaw
6.6.18
How to Recognize Malicious Network and Port Scanning
Network scanning and port scanning aren't inherently hostile, but they're often used maliciously. Learn to tell the difference between safe and hostile scanning on your network.
Christine Shaw
6.5.18
TCP RTOs: Retransmission Timeouts & Application Performance Degradation
In an effort to rid the world of needless application and network performance slowdowns, we turn to retransmission timeouts (RTOs). What are they and what can you do about them? What Is TCP…
Justin Baker
5.21.18
We Need to Talk About Dwell Time (And How to Shrink It)
Next gen security programs will be measured by dwell time more than any other metric. Here's why.
Chase Snyder
3.30.18
TCP_NODELAY: 2018 Best Practices for TCP Optimization
How to use TCP_NODELAY, Nagle's Algorithm, QUICKACK, and more settings and algorithms to get better TCP performance on your network.
Kshama Datar
12.21.17
Your Windows Proxy Autodiscovery Could Be Compromised
How to defend against WPAD exploit aPAColypse now
Jeff Costlow
12.13.17
Doxware: What, Why, and How to Stay Safe
Learn about doxware, including why it's becoming more and more popular to cyber criminals, and how to protect against a doxware attack.
Barbara Kay
