Latest news and blog posts from SensorFleet
21 Feb 2022 | Mikko Korkalo
This blog is about the series of Log4Shell vulnerabilities, how they affected our software development and how we helped our customer to validate their networks. I hope this blog will give the reader an insider view of what it is actually like to patch and detect those vulnerabilities.
15 Feb 2022 | Sami Petäjäsoja
SensorFleet Network Detection and Response (NDR) solution was deployed on the HAVARO ecosystem in the second half of 2020. HAVARO is a national monitoring and early warning system provided by the NCSC-FI for critical infrastructure providers and government organizations.
07 Sep 2021 | Antti Tönkyrä
At SensorFleet we often run trials in co-operation with our customers and partners, and the new codebase is tested in different virtualized environments and partner networks to validate fixes and to test new features. In this case we got interesting results and one could say we were a bit lucky,...
04 Aug 2021 | Mikko Korkalo
This blog post will show you step-by-step how to configure Logstash on top of SensorFleet Sensor for streaming events to your SIEM.
19 Apr 2021 | Sami Petäjäsoja
Starting a network security monitoring project from scratch, or augmenting the existing solutions, can be a daunting task. Common questions include setting the monitoring objectives, selecting the monitoring tools for the task, planning and resourcing the deployment, and last but not least: What to do with the results.
07 Apr 2021 | Mikko Korkalo
This blog post will show you step-by-step how to configure Logstash on top of SensorFleet Sensor as a reliable syslog buffer on your edge network.
07 Oct 2020 | Mikko Korkalo
A blog on how to use Zeek IDS on SensorFleet platform to plant a honeypot-like canary file on a file server. Just by using network monitoring.
29 Sep 2020 | Mikko Korkalo
This is a blog on how to detect persistent DNS connections using SensorFleet and the Zeek IDS. Some persistent threats may use DNS functionality to get around firewalls or to stay hidden from IDS.
21 Sep 2020 | Mikko Korkalo
ZeroLogon can be used to exploit a serious vulnerability in Windows Domain Controllers. This blog post shows how to detect it using SensorFleet.
03 Jul 2020 | Jukka Taimisto
Across the hall from SensorFleet office is another cyber security startup, SensorFu, and they have an awesome product called Beacon. Beacon is deployed inside an isolated network segment and it continuously tries to escape out from it. A successful escape is an indication of misconfiguration or malice and getting alert...
03 Mar 2020 | Jukka Taimisto
Security tools and appliances typically run with high privileges, have access to sensitive traffic and their security has to be taken at face value. Luckily zero trust, containment, least privilege and privilege separation are not just trendy topics and security design principles for ordinary software.
04 Feb 2020 | Sami Petäjäsoja
This blog is about building our next generation cyber sensor platform. First we must let you in on a little secret, our approach may be based on yours. We have a long experience in developing cyber security sensor technology for a national early warning system protecting the critical infrastructure and...