
Detecting Hidden Spambots… and Other Network Security Tales from Flow Data

A site reliability team investigates why they were blacklisted from a Google API. Misconfig? DDoS? Turns out it was an accident caused by the team’s engineering interns, who wrote a bad script. Another team quickly located and eradicated spambots lurking in their infrastructure cloud — after months of the bots evading basic detection methods. How did these teams make these discoveries? Flow data.

Flow data is now often paired with many other data sets, including BGP, geolocation, and business metadata, for network and security intelligence. The availability of open source and commercial big data technology and scale-out computing clusters makes it possible to realize the value that flow data has always promised, but never delivered in the past — with use cases across sophisticated, accurate, and useful anomaly detection and alerting, as well as ad-hoc, exploratory analyses.

In this webinar, Kentik’s Jim Meehan, head of product marketing, discusses real-world examples of network performance, anomaly detection, and forensic mysteries that were quickly solved via flow data. He also covers current best practices for leveraging flow data.
