Latest

Latest news and blog posts from SensorFleet

Product news

Cluster support to Zeek Instrument

27 Oct 2022 | Esa Törmikoski

Zeek is a great tool for analyzing network traffic for cyber security monitoring. We at SensorFleet have seen increased adoption in our customer base and have developed support for running Zeek in cluster mode to meet high-bandwidth requirements.

Blog post

Log4Shell Vulnerability - the day when security industry was working overtime

21 Feb 2022 | Mikko Korkalo

This blog is about the series of Log4Shell vulnerabilities, how they affected our software development and how we helped our customer to validate their networks. I hope this blog will give the reader an insider view of what it is actually like to patch and detect those vulnerabilities.

News

Use case: National early warning system

15 Feb 2022 | Sami Petäjäsoja

SensorFleet Network Detection and Response (NDR) solution was deployed on the HAVARO ecosystem in the second half of 2020. HAVARO is a national monitoring and early warning system provided by the NCSC-FI for critical infrastructure providers and government organizations.

Blog post

Confluence vulnerability, a tale of catching active exploitation in the wild

07 Sep 2021 | Antti Tönkyrä

At SensorFleet we often run trials in co-operation with our customers and partners, and the new codebase is tested in different virtualized environments and partner networks to validate fixes and to test new features. In this case we got interesting results and one could say we were a bit lucky,...

Blog post

Streaming events from SensorFleet to Elastic Stack or Azure Sentinel

04 Aug 2021 | Mikko Korkalo

This blog post will show you step-by-step how to configure Logstash on top of SensorFleet Sensor for streaming events to your SIEM.

Blog post

Quick start for network security monitoring

19 Apr 2021 | Sami Petäjäsoja

Starting a network security monitoring project from scratch, or augmenting the existing solutions, can be a daunting task. Common questions include setting the monitoring objectives, selecting the monitoring tools for the task, planning and resourcing the deployment, and last but not least: What to do with the results.

Blog post

Stream syslog reliably from the edge to SIEM using SensorFleet

07 Apr 2021 | Mikko Korkalo

This blog post will show you step-by-step how to configure Logstash on top of SensorFleet Sensor as a reliable syslog buffer on your edge network.

Blog post

Using Zeek to find persistent threats by using a canary file (part 2)

07 Oct 2020 | Mikko Korkalo

A blog on how to use Zeek IDS on the SensorFleet platform to plant a honeypot-like canary file on a file server, just by using network monitoring.

Blog post

Using Zeek to find persistent threats by monitoring DNS anomalies (part 1)

29 Sep 2020 | Mikko Korkalo

This is a blog on how to detect persistent DNS connections using SensorFleet and the Zeek IDS. Some persistent threats may use DNS functionality to get around firewalls or to stay hidden from IDS.

Blog post

Detection of ZeroLogon (CVE-2020-1472) using SensorFleet

21 Sep 2020 | Mikko Korkalo

ZeroLogon can be used to exploit a serious vulnerability in Windows Domain Controllers. This blog post shows how to detect it using SensorFleet.

Blog post

Building Beacon Instrument

03 Jul 2020 | Jukka Taimisto

Across the hall from SensorFleet office is another cyber security startup, SensorFu, and they have an awesome product called Beacon. Beacon is deployed inside an isolated network segment and it continuously tries to escape out from it. A successful escape is an indication of misconfiguration or malice and getting alert...

Blog post

Keeping Your Security Monitoring Tools And Tasks Safely Separated

03 Mar 2020 | Jukka Taimisto

Security tools and appliances typically run with high privileges, have access to sensitive traffic and their security has to be taken at face value. Luckily zero trust, containment, least privilege and privilege separation are not just trendy topics and security design principles for ordinary software.

Blog post

Our Approach

04 Feb 2020 | Sami Petäjäsoja

This blog is about building our next generation cyber sensor platform. First we must let you in on a little secret, our approach may be based on yours. We have a long experience in developing cyber security sensor technology for a national early warning system protecting the critical infrastructure and...
