SYS-CON MEDIA Authors: ChandraShekar Dattatreya, Ignacio M. Llorente, Tad Anderson, Xenia von Wedel, Peter Silva

News Feed Item

Network Behavior Analysis and Visualization to Detect the 12 Indicators of Network Compromise

Security Analytics and Network Visualization Enable Analysts to Find the Patterns That Can Reveal Indicators of Compromise and Accelerate Detection

AUSTIN, TX -- (Marketwired) -- 02/06/14 -- Every day, security analysts spend critical resources tracking perimeter defense alerts, responding to end-point alerts and running down user reports of suspicious activity. Yet, alerts help to mitigate only the known problems; hiding in the network among disparate data sources are more -- and potentially more dangerous -- unknown threats. To uncover these unknowns, security analysts must be able to recognize telltale malicious network behavior patterns quickly, which is why 21CT released a new Security Insight Brief outlining the 12 indicators of compromise. To learn more or download the report, visit http://www.21CT.com/12Indicators.

There are four categories of malicious behavior that should concern organizations the most:

  • Human behavior, including alert visibility, return on intelligence, and social engineering;
  • Machine behavior, such as autonomous system behavior, policy violations, and Botnet C&C traffic;
  • Volumetric behavior, including DDoS noise reduction as well as unusual inbound and outbound traffic; and
  • Anomalous behavior such as geographic and protocol anomalies in addition to long-term trending.

Understanding these behaviors, what they are and why they are dangerous is a critical first step to stopping them. However, finding these behaviors hidden in network data is a challenge. With security analytics, analysts can fuse together disparate network data to visualize and uncover patterns of behavior that are indicative of network compromise. They can then quickly, and often automatically, identify and classify the behaviors to remediate infected and misconfigured systems or thwart ongoing attacks missed by the perimeter.

"You can't see the red flags and unknown threats in your network because the systems you have in place weren't designed to identify them on their own," said Mike Hamilton, director of technical marketing at 21CT. "To dig out the issues, organizations need the ability to easily combine data sets and uncover specific patterns. Our new Security Insight Brief reviews the 12 major indicators of compromise and helps security analysts determine how to identify them so that they can be found before damage is done."

In addition to the Security Insight Brief, 21CT will release new analytics for LYNXeon designed not only to identify these 12 indicators of compromise before they impact the business but also, in some cases, to prevent the compromise from happening. To see the latest analytics as they are released, visit http://www.21CT.com/IOCs.

About 21CT
Using LYNXeon from 21CT, organizations rapidly fuse enriched and disparate data; analyze and visualize it to find previously undetectable patterns; and gain operational insight to fight fraud, cyberattacks and criminal behavior. For more information and to find out how investigative analytics and pattern detection can secure your world, visit http://www.21ct.com.

Media Contacts:
Julie Crotty
Attune Communications
978-877-0053
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Bit6 today issued a challenge to the technology community implementing Web Real Time Communication (WebRTC). To leap beyond WebRTC’s significant limitations and fully leverage its underlying value to accelerate innovation, application developers need to consider the entire communications ecosystem.
The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from ha...
Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world.
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, p...
The 4th International DevOps Summit, co-located with16th International Cloud Expo – being held June 9-11, 2015, at the Javits Center in New York City, NY – announces that its Call for Papers is now open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's large...
"There is a natural synchronization between the business models, the IoT is there to support ,” explained Brendan O'Brien, Co-founder and Chief Architect of Aria Systems, in this SYS-CON.tv interview at the 15th International Cloud Expo®, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Verizon Enterprise Solutions is simplifying the cloud-purchasing experience for its clients, with the launch of Verizon Cloud Marketplace, a key foundational component of the company's robust ecosystem of enterprise-class technologies. The online storefront will initially feature pre-built cloud-based services from AppDynamics, Hitachi Data Systems, Juniper Networks, PfSense and Tervela. Available globally to enterprises using Verizon Cloud, Verizon Cloud Marketplace provides a one-stop shop fo...
Leysin American School is an exclusive, private boarding school located in Leysin, Switzerland. Leysin selected an OpenStack-powered, private cloud as a service to manage multiple applications and provide development environments for students across the institution. Seeking to meet rigid data sovereignty and data integrity requirements while offering flexible, on-demand cloud resources to users, Leysin identified OpenStack as the clear choice to round out the school's cloud strategy. Additional...
The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com...
We are all here because we are sold on the transformative promise of The Cloud. But what good is all of this ephemeral, on-demand infrastructure if your usage doesn't actually improve the agility and speed of your business? How must Operations adapt in order to avoid stifling your Cloud initiative? In his session at DevOps Summit, Damon Edwards, co-founder and managing partner of the DTO Solutions, will highlight the successful organizational, process, and tooling patterns of high-performing c...
Software-driven innovation is becoming a primary approach to how businesses create and deliver new value to customers. A survey of 400 business and IT executives by the IBM Institute for Business Value showed businesses that are more effective at software delivery are also more profitable than their peers nearly 70 percent of the time (1). DevOps provides a way for businesses to remain competitive, applying lean and agile principles to software development to speed the delivery of software that ...
Docker offers a new, lightweight approach to application portability. Applications are shipped using a common container format and managed with a high-level API. Their processes run within isolated namespaces that abstract the operating environment independently of the distribution, versions, network setup, and other details of this environment. This "containerization" has often been nicknamed "the new virtualization." But containers are more than lightweight virtual machines. Beyond their small...