With the modern-day cyber threat constantly changing, it is of the utmost importance for security teams to be sufficiently prepared to defend against it.
CyberKombat is an attack/defence experience program delivered at the Satisnet Innovation Centre in Luton, United Kingdom. “CyberKombat is created through a Satisnet/IBM collaboration, designed to replicate a serious cyber-attack on an organisation. The centre provides SOC teams with the opportunity to test their abilities and gain a wealth of new skills in the process,” says Alan Miller, Marketing Manager at Satisnet.
As part of CyberKombat, Flowmon takes care of network security monitoring and anomaly detection. “Thanks to Flowmon, security teams have gained visibility into the network traffic, including application layer visibility. Moreover, Flowmon Anomaly Detection System permanently observes and analyses data communication seeking anomalies and revealing suspicious behaviour,” says Artur Kane, Technology Evangelist of Flowmon Networks.
Flowmon flow-based (NetFlow/IPFIX) network traffic monitoring tools provide IT professionals with detailed network visibility to streamline troubleshooting and network operations and to optimise the performance of an entire IT environment. What is more, using flow data statistics for security needs opens completely new possibilities for security engineers. The so-called Network Behavior Anomaly Detection technology provides them with advanced network security monitoring for the automatic detection of suspicious activities, attacks and advanced threats that bypass traditional solutions.
CyberKombat comprises a full day of tutoring and hands-on experience in dealing with cyber threats. The Satisnet Red Team is responsible for attacking and compromising a set of hosts, while the Blue Team is responsible for detecting the attacks and, in a limited form, protecting the hosts. In parallel with the Red and Blue Teams, C-level management participates through table-top exercises and interaction with the Blue Team to analyse potential emergency incidents, examine existing operational plans and determine where they can make improvements. These exercises provide a forum for planning, preparation and coordination of resources during any kind of attack.
The SOC teams participating in the CyberKombat experience can also benefit from the native integration of Flowmon ADS and IBM QRadar when investigating advanced threats. “Flowmon and IBM QRadar integration brings an advanced tool into the cyber-defence field. Thanks to that, security personnel is provided with benefits such as quick solving of incidents without demanding and expensive manual processes, the ability to identify early symptoms of threats, and a single access point to information for the user,” says Alan Miller.
Founded in 2004, Satisnet Ltd is a leading IT security reseller dedicated to providing the highest level of customer care and technical support. During this time our business has grown and we have established a strong professional reputation across a multitude of market sectors from Local Government, FTSE 250 to Financial and Charity organisations. www.satisnet.co.uk
illustration source: Satisnet Ltd.