Network Security Monitoring

  • Swarm-SecOps – Network Security Monitoring

    by Swarm-SecOps

    We use Zeek as a network security monitor to support investigations of suspicious or malicious activity. Zeek is a passive, open-source network traffic analyzer. Zeek creates an extensive set of logs describing network activity. These logs include not only a comprehensive record of every connection seen on the wire, but also application-layer transcripts. These include all HTTP sessions with their requested URIs, key headers, MIME types, and server responses; DNS requests with replies; SSL certificates; key content of SMTP sessions; and much more.

  • IP-Performance recently ran 2 virtual cyber breach response workshops for Elmbridge Borough Council and we cannot recommend them highly enough. As well as lots of practical resources & templates to take away, the second day culminates with an simulation which brings a cyberattack to life. It’s highly interactive, slightly stressful, but most importantly really makes you think! There’s a definite buzz around cyber at Elmbridge now thanks to Phil and team.

    Nikki Benge, ICT Business Manager,
    Elmbridge Borough Council