Blog Entries

02. 07. 2025 Daniel Degasperi Blue Team, Log-SIEM, SEC4U

Discovery and Credential Access via Kerberos & NTLM: A Detection-Focused Approach

Introduction Windows environments rely heavily on authentication protocols like NTLM and Kerberos. While these protocols serve critical security purposes, they are also commonly abused during malicious activities. This article explains how to detect suspicious behaviors related to Domain Account Discovery and Credential Access, specifically focusing on Enumeration, Brute Force, and Password Spraying attempts via NTLM…

Read More
17. 10. 2019 Tobias Goller ITOA, Log-SIEM, Machine Learning, NetEye

Experiences with Netflow and Machine Learning in Elastic

Some time ago I was able to use the machine learning functionality in Elastic for the first time. I was astonished at how easy it is to use, and how fast it calculates historical data. In my particular case, I loaded Netflow data into the Elastic database. I wanted to use this data to evaluate…

Read More
02. 08. 2017 Susanne Greiner Anomaly Detection, Machine Learning, NetEye, Real User Experience

Next Level Performance Monitoring – Part II: The Role of Machine Learning and Anomaly Detection

Machine learning and anomaly detection are being mentioned with increasing frequency in performance monitoring. But what are they and why is interest in them rising so quickly? From Statistics to Machine Learning There have been several attempts to explicitly differentiate between machine learning and statistics. It is not so easy to draw a line between…

Read More
22. 05. 2017 Tobias Goller Anomaly Detection, Log Management, NetEye

NetEye as essential component of a Security Operations Centers

During my last projects I noticed that the implementation of a „Security Operations Center“ (in short SOC) is becoming increasingly important, especially for our enterprise customers. Mainly for big companies that are of public interest like banks, energy providers, assurances etc. the topic of cyber threats is getting more actual and requires special attention. This…

Read More
28. 03. 2017 NetEye Blog Admin Anomaly Detection, Events, NetEye, Service Management

Review: NetEye & EriZone User Group 2017 in Nürnberg

On the 23rd of this month, the NetEye and EriZone User Group in its German version took place on in the historic tramway depot “St. Peter” in Nuremberg. The event has been hosted by NetEye customer N-ERGIE Aktiengesellschaft. Participants had the opportunity to exchange information and experiences with other customers and got insights to the latest…

Read More
27. 02. 2017 NetEye Blog Admin Anomaly Detection, Events, NetEye, Service Management

AGENDA NetEye & EriZone User Group: Don’t miss this year’s exciting topics!

VAG Museum St. Peter © Archiv Freunde der Nürnberg-Fürther Straßenbahn e.V. The future holds major challenges, which are going far beyond standard monitoring. Internet of Things, E2E Monitoring, SIEM, Network Discovery and Anomaly Detection are keywords that are gaining increasing importance in modern enterprises. Under consideration of these actual trends, we now defined the final…

Read More
11. 11. 2016 Susanne Greiner Anomaly Detection, Real User Experience, Unified Monitoring

How to use anomaly detection to create smarter alerts

Alarms and monitoring go hand in hand. Whenever an algorithm or threshold is used to decide whether the current value of a registered KPI should rise an alarm or not the result can be a hit, a correct reject, a miss or a false alarm. The standard way to rise alarms is studying standard traffic…

Read More

Search by technology

Contact

Contact us
Serviceportal

Archive