Oakley Networks Product Monitors for Inappropriate Insider Activity

Earlier I mentioned Vericept, whose product watched for the movement of sensitive data out of corporate networks. I recently learned of Oakley Networks, whose IO-3 product appears to do something similar. Rather than watching for suspicious inbound activity, typically caused by intrusion attempts, this product watches for leakages of data defined by the administrator. Of course, the product only gets interesting if we know it doesn't "grep for strings." We could program Snort or ngrep to do that!

Popular posts from this blog

Zeek in Action Videos

MITRE ATT&CK Tactics Are Not Tactics

New Book! The Best of TaoSecurity Blog, Volume 4