Why It’s Time to Make Network Traffic Analysis A First-Class Citizen

Presented by

Eric Ogren, 451 Research & Brian Dye, Corelight

About this talk

Since nearly all cyberattacks must cross the network, it’s an essential source of truth for threat hunters and incident responders, yet many organizations today have limited network traffic analysis capabilities. Why? The root of the problem lies in common sources of network data, which are difficult to analyze at scale. Security operators often find themselves stuck between the unwieldy firehose of full traffic capture and the frustrating information desert of network logs like NetFlow that offer only a minimal amount of detail. Simply put, it’s either too much or too little network data.

A Goldilocks alternative exists, however, in the Bro Network Security Monitor. This open source framework transforms network traffic into high-fidelity logs that summarize activity on the wire at less than 1% of the size of full traffic capture, and it can automate traffic analysis tasks via Bro’s unique scripting language. Thousands of organizations rely on Bro to achieve comprehensive, scalable network traffic analysis, and Corelight makes Bro easy and ready to deploy at enterprise scale.

In this webinar, Eric Ogren, Senior Analyst at 451 Research, and Brian Dye, CPO at Corelight, will demonstrate how Bro can help organizations achieve comprehensive, scalable network traffic analysis and accelerate their threat hunting and incident response workflows.

451 Research is your radar into the business of IT innovation. Whether you are a product manager investigating the competition, an IT decision-maker evaluating the impact of emerging technologies on your business, a service provider finding your place in an evolving industry, or a dealmaker fueling the digital economy, 451 Research gives you the inside track on your business and your markets.