May 15, 2023

Quickly gain situational awareness and visibility into your network environment

We all know visibility is the key to prevent breaches: gaining situational awareness focused on network traffic is usually a great way to start.

Attackers often spend 3 or more months moving around inside business networks before launching attacks. Yet, with the right tools and detection capabilities their presence can be detected and destructive attacks (ransomware?) can be thwarted.

Also, getting data on what applications are really being consumed inside a business environment can improve risk insights and perhaps address weaknesses on time.

The first step in this security hygiene process is to deploy the proper tools to quickly get situational awareness.

However, to do it properly, you need:

wide and deep protocol coverage (from HTTP(S) to DNS, over the latest tunneling and stealth P2P protocols).
Do it with least disruptions or changes to network infrastructure. This usually means not relying on HTTPS interception or any kind of proxy technology that will impact user productivity (at least when the goal is to gain visibility).
Enrichment of collected data with high quality threat intelligence, usually performed in a custom data lake. Threat intel quality is usually proportional to the amount of existing device telemetry a vendor has worldwide: the more, the better.

There is an easy way to get this done with Palo Alto Networks (PANW) Security Lifecycle Review (SLR).

All you need is to place a PANW next-gen firewall device (appliance or virtual) into the network as a passive non-intrusive element, acting as data collector. No disruptions or changes to network infrastructure are required. Leave it there and let it collect traffic data for 7 days. The traffic metadata collected by the device is then uploaded into Palo Alto Networks' data lake and enriched with PANW threat intelligence to gain visibility into your network.

Click Here to get started with the review

The recommended way to get initial situational awareness is to place the device as data collector via a tap or span port:

PANW SLR: quicklygain security insights with a passive network element — PANW SLR: quickly gain security insights with a passive network element

Of course, to get even more data, you might intercept traffic by placing the device in-line. More options in this respect are found here:

Multiple options for Palo Alto Networks SLR

Interview - Managing Attack Surface Risks in SMBs and Financial Services

The Human Element: How to Strengthen Your Email Security Through Awareness and Protection

Confessions from a Firewall Vendor: under Pressure

Trend Micro Vision One - Integrating Proactive and Reactive Cybersecurity

Mass Exploitation of Internet Facing Services - This Time Zimbra

Active Directory Advice from Down Under: Is It Too Difficult and Costly to Protect It?

Password Rotation, Complexity Requirements, or Security Questions – All Bad Practices?

Identity Compromise Drives Majority of Cyber Incidents - CISA’s 2023 Findings

Impersonating Government Agencies To Deliver Infostealers - The HZZO Example

Cybersecurity Incidents Are Intensifying – A Regional Example

Interview - Managing Attack Surface Risks in SMBs and Financial Services

The Human Element: How to Strengthen Your Email Security Through Awareness and Protection

Confessions from a Firewall Vendor: under Pressure

Quickly gain situational awareness and visibility into your network environment

Latest news

Subscribe to Our Newsletter