Security Spot

Using Deep Packet Analytics to Extract Specific Bytes

One of the hidden features of NetMon's deep packet analytics (DPA) language is that you can extract specific bytes out of a packet inside of a packet rule. Although NetMon classifies over 3,100 applications and extracts many thousands of metadata fields, there is always more to learn about network traffic. In this post, you'll learn the proper techniques for extracting specific bytes out of a network packet using DPA.

PCI-DSS Compliance 3.2 Updates

Whether you swipe it, chip it, tap it, or phone it in, if you are involved in capturing payments from a credit card, you are most likely required to comply with Payment Card Industry Data Security Standard (PCI-DSS) requirements. PCI-DSS is in a transitional phase in which version 3.1 is the accepted standard, with all participants moving to the 3.2 standards by January 2018. Although 3.2 is only a minor number change, there are numerous differences between the new version of PCI-DSS and the old one.

Using Facebook’s osquery for Monitoring and Response

Real-time visibility is key to completely understanding the current state of your IT infrastructure. In October 2014, Facebook made low-level operating system monitoring easier by releasing their endpoint and server security monitoring tool, osquery, as an open-source project. The project was developed to be operating-system agnostic. This means that it can operate on Windows, Linux, and Apple OSX. By exposing collected data via Structured Query Language (SQL), a request for information on Windows works the same as it does on