nfdump/nfsen are a great set of tools for analysing NetFlow-based network data, both for network management and for cybersecurity purposes. The biggest drawback for security applications is that finding IoC occurrences for any sensible timeframe (e.g. up to two weeks back) will take hours, if not days. Rather than trying to replace nfdump/nfsen, a better approach is to address only this...
This presentation will be a comprehensive exploration of the research conducted on harnessing AI and open-source tools for enhanced IT security vulnerability assessment. The target audience for this presentation includes IT security professionals, vulnerability assessment specialists, and decision-makers in organizations seeking to optimize their IT security protocols and strategies.
This presentation aims to overcome some of the challenges regarding emerging and mutable threats, which may go unnoticed for some time due to a constrained data foundation that does not extract enough knowledge from the network status. We bring an AI, knowledge-based technology and one of its applied use cases to detect and categorise threats based on user’s, device’s and...