Problem solve

Extrusion detection illustrated

This chapter will help you learn how to use extrusion detection to enhance your customer's awareness and security posture.

Richard Bejtlich
Published: 23 Sep 2006

Extrusion detection is the process of identifing unauthorized activity by inspecting outbound network traffic. If a security consultant observes suspicious or malicious traffic leaving his customer's network, there's a strong possibility that internal systems are already compromised. During the last three years extrusion-centric processes and products have become popular. This chapter from Richard Bejtlich's Extrusion Detection: Security Monitoring for Internal Intrusions will help you learn how to use this powerful investigative technique to enhance your customer's awareness and security posture.

Download Chapter 3, Extrusion detection illustrated (PDF), from Extrusion Detection: Security Monitoring for Internal Intrusions written by Richard Bejtlich and published by Addison-Wesley Professional.

Extrusion Detection: Security Monitoring for Internal Intrusions
By Bejtlich, Richard
Published by Addison-Wesley Professional
ISBN: 0321349962; Published: 11/4/2005; Copyright 2006; Pages: Final; Edition: 1

Dig Deeper on Managed network security services

All
News
Get Started
Evaluate
Manage
Problem Solve

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

MicroscopeUK

Channel has to help customers with confidence crisis

Those trying to go through the IT buying process are struggling with too much information and trying to make sense of vendor ...
Agilitas chairman Kelly awarded OBE

Channel veteran is recognised for his efforts working in the ICT community in Wales
Barracuda MSP continuing to increase options for managed service players

Firm delivers first major update of Managed Workplace seven months after acquiring the security and RMM solution

SearchSecurity

RPA security best practices include access control, system integration

Robotic process automation can revolutionize enterprise workflows, but if RPA security risks aren't controlled, bots could end up...
Researcher finds digital certificate fraud used to spread malware

A new certificate fraud scheme involves a threat actor impersonating company execs to purchase certs which are then resold to ...
6 types of insider threats and how to prevent them

Compromised, negligent and malicious employees put enterprises at risk. Here are six problems they pose and the insider threat ...

SearchStorage

Dell Technologies’ evolution offers hints of its future

Dell’s evolution has led the company from PCs to servers, storage and virtualization. Here, Dell’s storage CTO describes what ...
Debunking 5 common myths about data storage containers

Storage containers can hold a lot of things, including misconceptions. Here are five common container storage myths that need to ...
Dell storage dominance followed $67B grab of EMC, VMware

Dell packages servers, storage for EMC and virtualization from VMware into an end-to-end IT stack; how will it expand and deliver...

SearchNetworking

Arista CloudVision 2019 from Arista Networks advances visibility

Arista Networks upgraded its network monitoring and management platform with new features that help automate and improve change ...
Cisco author says new CCNA exam undergoes largest change ever

Cisco said goodbye to most CCNA tracks, and hello to a consolidated exam. Here's what you need to know about the new CCNA, from ...
Cisco acquisitions in 2019 bolster service provider strategy

Cisco acquisitions in 2019 and 2018 include three that show the company preparing for when carriers will increase spending to ...

SearchCloudComputing

Take a closer look at the AWS Hero and Microsoft MVP programs

Certifications are a popular option for candidates to gain credibility in a certain technology. Learn how AWS Heroes and ...
Oracle and VMware forge new IaaS cloud partnership

Joint Oracle and VMware customers will soon be able to run VMware Cloud Foundation on Oracle Cloud Infrastructure, with support ...
Oracle Cloud Infrastructure updates hone in on security

Oracle Cloud Infrastructure is getting a multifaceted security boost as the company seeks to gain ground against AWS, Microsoft ...

SearchDataManagement

InfluxDB Cloud 2.0 expands open source time series database

While the core open source InfluxDB 2.0 project is still in alpha, InfluxData has advanced its cloud service to support new ...
New cloud and on-premises options for Oracle Autonomous Database

Oracle introduced new cloud and on-premises deployment options for its namesake database as the tech vendor’s Oracle OpenWorld ...
How big tech breakup would affect the tech industry

Breaking up the tech giants would be difficult and might create initial chaos in market, help smaller competitors and potentially...

SearchBusinessAnalytics

Oracle BI platform on the comeback trail

Time had seemingly left Oracle's business intelligence tools behind -- until the vendor responded by consolidating its BI ...
BI for mobile remains a challenge for vendors

While some BI vendors have developed effective mobile apps that provide concise insights, those that have attempted to recreate ...
Magento BI update a benefit to vendor's e-commerce customers

Magento rolled out the Magento Business Intelligence Summer 2019 Release, updating its BI platform with enhanced scheduling ...

Close