When we talk about the business value of a tool or a system that at first glance may seem like a “nice to have” or a “helpful but not absolutely necessary” technology, it is a good idea to start any discussion on the merits of the tool by putting some things into perspective.
Back in 2021 we introduced the integration between MISP, a community threat intelligence sharing platform, and Flowmon ADS. The integration turns indicators of compromise shared through MISP into actionable intelligence. Flowmon ADS automatically picks up the latest indicators of compromise using the MISP API and leverages them to detect adversary activities in the target network. The integration is available in Flowmon ADS 11.2 and newer versions. This way anyone can use community threat intelligence to report on malicious activities in the company environment.
Old network salts likely know all about network flows and the value of network flow monitoring. As a former News Editor for Network World and Editor in Chief of Network Computing, I count network flows as part of my old stomping grounds. In fact, I remember when Cisco invented NetFlow in the late 1990s to collect traffic data from its routers and switches so it could be analyzed by network pros.
Microsoft has long been a top, perhaps the top, cybercriminal target. Not only is its software ubiquitous, but many hackers just plain don't like the company. And perhaps most important, attacks on Microsoft give hackers one thing they seek most – publicity.