Network Security Monitoring

  • Swarm-SecOps – Network Security Monitoring

    We use Zeek as a network security monitor to support investigations of suspicious or malicious activity. Zeek is a passive, open-source network traffic analyzer. Zeek creates an extensive set of logs describing network activity. These logs include not only a comprehensive record of every connection seen on the wire, but also application-layer transcripts. These include […]

    We use Zeek as a network security monitor to support investigations of suspicious or malicious activity. Zeek is a passive, open-source network traffic analyzer. Zeek creates an extensive set of logs describing network activity. These logs include not only a comprehensive record of every connection seen on the wire, but also application-layer transcripts. These include all HTTP sessions with their requested URIs, key headers, MIME types, and server responses; DNS requests with replies; SSL certificates; key content of SMTP sessions; and much more.

    Click here for more about Swarm-Secops

  • ‘Really engaging training, especially liked the simulation exercise. It sparked a lot of useful conversations, raised some questions but more importantly, ensured the Senior Management buy in for Cyber incident response ‘

    Julie Davies,
    Powsy County Council