Education & Events

Upcoming events

Articles

The latest version introduces a number of new solutions for security and authentication, filtering and data analysis. It adds support for RTBH filtering, which enables organizations that do not use the BGP FlowSpec protocol to mitigate DDoS attacks. Special views have also been prepared to meet the needs of Security and Network Operations Center teams.

Below we present an article about NetFlow by an engineer from Sycope. It was written a while ago, but it is still relevant today. NetFlow is currently available primarily as NetFlow v9 and IPFIX, not only on routers but also on firewalls, switches and other devices. It retains its original applications and has gained some new ones. Security departments in particular continue to appreciate the benefits of traffic monitoring and anomaly detection. Today, NetFlow systems include modules for analysing, reporting and detecting a number of abnormal behaviours and exceeded threshold values. An increasing number of systems, including traffic optimisation systems, support NetFlow and enrich it with additional information, such as the URL or the application recognised using DPI.

Jacek Grymuza explains the benefits of feeding data from the NetFlow protocol and its derivatives into popular SIEMs.

Jacek Grymuza explains why network flow analysis works very well for detecting DoS attacks, in particular volumetric attacks and protocol attacks.

Jacek Grymuza, IT Security Expert, explains what the MITRE ATT&CK framework is and how to apply this methodology to increase the level of security in organizations.

Copyright 2021 Sycope Ltd. All rights reserved.