A goal that cybersecurity tools and algorithms need to satisfy is the ability to sniff and detect intrusions. Different vendors and solution providers accomplish this in different ways. At a minimum, such a tool sniffs every piece of data that comes into the organization and identifies patterns that look irregular. For example, think of email: an APT attack might arrive as mail segments from known email addresses. How can you sniff that and stop it? This is where you need to discuss techniques and processes with internal and external resources. In the military world the situation is handled differently, and in the commercial world we need to brace for it very differently. Interesting? No, this is just foundational, the very basic process expected from all tools. CISOs and their teams expect more depth and visibility in these processes, along with API interfaces for customization. We will discuss more on this in the next few blogs in this series.
Cybersecurity – Sniffing
04/12/17 1:41 PM