Cybersecurity

OT, ICS, SCADA: IEC 60870-5-104 in ntopng

Posted May 15, 2023 · Add Comment

What is OT, ICS, SCADA ? Operational Technology (OT) refers to computing systems that are used to manage industrial operations or process operations, like water treatment, electrical power distribution or wrapping a chocolate in foil. ntopng supports some Industrial control … Continue reading →

admin

Introducing Smart Recording in n2disk: Combining Cybersecurity with Packet-to-Disk

Posted May 2, 2023 · Add Comment

In short Continuous network traffic recorders are applications (or appliances) that write network traffic on disk. In case of issues (e.g. security breach or network outage) they enable network and security analysts to go back in time and see how … Continue reading →

admin

HowTo Use Periodic Traffic Analysis in Cybersecurity

Posted January 3, 2023 · Add Comment

Since v5 ntopng has the ability to detect periodic activities, i.e. activities that are repeated periodically at a given pace (note that each activity can have a different frequency, and ntopng is able to detect them). Periodic activities are not … Continue reading →

Matteo Biscosi

What’s New in ntopng: Network Assets

Posted December 5, 2022 · Add Comment

Hello everybody! Welcome back to the weekly blog post of this serie used to update you with the latest ntopng features and graphical changes. Please let us know your feedback! Today we are going to talk about the Asset Map. … Continue reading →

Matteo Biscosi

What’s New in ntopng: Periodic Activities (a.k.a beaconing) !

Posted November 21, 2022 · Add Comment

admin

Malware Traffic Analysis in ntopng

Posted October 5, 2022 · Add Comment

ntop users have started to use our tools for malware analysis as contrary to packet sniffers or text-based security tools, ntopng comes with a web interface that simplifies the analysis. For this reason we have recently: Added the ability to … Continue reading →

admin

Using Blacklists to Catch Malware Communications Using ntopng

Posted September 26, 2022 · Add Comment

A category list is a control mechanism used to label traffic according to a category. In nDPI, the traffic classification engine on top of which ntop applications are built, there are various categories including (but not limited to) mining malware … Continue reading →

admin

What is CyberScore and How it Works: a Technical Overview

Posted July 29, 2022 · Add Comment

ntop users as familiar with concepts such as flow risk and cyberscore. This week we have presented a conference paper [slides] at 2022 IEEE International Conference on Cyber Security and Resilience where we describe in detail what is cyberscore, how … Continue reading →

admin

Introducing nDPI 4.4: Many New Protocols, Improvements and Cybersecurity Features

Posted July 6, 2022 · Add Comment

This is to introduce nDPI 4.4 that includes the development activities of the last six months. As with previous releases we are improving protocol support, automatic testing to harden the code for critical environments, and introducing new cybersecurity features for … Continue reading →

admin

How ntopng monitors IEC 60870-5-104 traffic

Posted May 18, 2022 · Add Comment

Busy times for OT analysts. Last month the number of known OT (operational technology) malware increased from five to seven. First malware discovered is Industroyer2 which was caught in the Ukraine. As nowadays popular, security companies name the malware they … Continue reading →

Popular
Recent
Comments
Tags

PF_RING 6.0.3 Just ReleasedToday we have released PF_RING 6.0.3 a maintenance release that [...]
ntopng Deep Dive: Interview with Ivan PepelnjakLast month Ivan Pepelnjak interviewed me on Software Gone Wild [...]
ntop is back: ntopng 1.0 just releasedAfter 15 years since the introduction of the original ntop [...]
Enabling Zeek and Suricata On-Demand at 40/100 Gbit using PF_RINGOverview Those of you who have some experience with IDS [...]

Register for ntop June 2023 Webinar: June 20th 3PM CET / 9 AM ESTThis is to invite you to the latest ntop webinar [...]
Scaling Up ntopng Flow and Packet ProcessingAs traffic rate increases it is important to tune packet [...]
Introducing Modbus Traffic Monitoring in ntopngModbus is an industrial protocol used to communicate with automation [...]
Enabling Zeek and Suricata On-Demand at 40/100 Gbit using PF_RINGOverview Those of you who have some experience with IDS [...]

Browse By Date
Browse By Date
Browse By Categories
- Announce (52)
- cento (9)
- Components (1)
- Cybersecurity (23)
- Features (3)
- Guides (11)
- libebpfflow (1)
- n2disk (21)
- n2n (7)
- nbox (7)
- nDPI (55)
- nEdge (6)
- News (15)
- nProbe (105)
- nScrub (3)
- ntop (116)
- ntopng (171)
- PF_RING (96)
- snort (3)
- TNAPI (11)
- tutorials (18)
- vPF_RING (3)
- Webinar (17)
- ZC (30)

OT, ICS, SCADA: IEC 60870-5-104 in ntopng

Introducing Smart Recording in n2disk: Combining Cybersecurity with Packet-to-Disk

HowTo Use Periodic Traffic Analysis in Cybersecurity

What’s New in ntopng: Network Assets

What’s New in ntopng: Periodic Activities (a.k.a beaconing) !

Malware Traffic Analysis in ntopng

Using Blacklists to Catch Malware Communications Using ntopng

What is CyberScore and How it Works: a Technical Overview

Introducing nDPI 4.4: Many New Protocols, Improvements and Cybersecurity Features

How ntopng monitors IEC 60870-5-104 traffic

Browse By Date

Browse By Categories

Latest Posts

Upcoming Events