Two Approaches to Security Tools Using Flowlogs, IDS, Port Scans, Darknets, Honeypots, Passive DNS, and Much More

Come see two approaches to security tools that incorporate flowlogs, IDS, port scans, darknets, honeypots, passive DNS, and much more, plus see many real-world examples of incidents they detected. Washington University has developed PNA (passive network appliance), a network monitoring and security tool that provides a superior understanding of an enterprise network's Internet traffic behavior, particularly in the presence of encrypted services. The University of Pennsylvania School of Arts and Sciences developed HECTOR (Hector Entity Coordination and Tracking Operational Repository), a security intelligence repository based on open-source technologies that provides data for information security decision making.