Malware, Botnets, and Anomalies: SecurityCenter Continuous View™ Deployment Use Cases
Five ways to find malicious activity generated by malware
The earlier you recognize and investigate suspicious activity, the more likely your efforts to detect and prevent network compromise and breaches will be successful. If you ignore or fail to detect out-of-the-ordinary activity, chances are good that unexpected usage, unauthorized changes, and malicious attacks will go unnoticed.
SecurityCenter Continuous View™ collects and correlates network data from many sources. It learns baseline activity and triggers events on malicious and out-of-the-ordinary occurrences. This provides you with a centralized view of current network activity and assists in detecting any suspicious activity.
In this paper, you will explore five use cases for deploying SecurityCenter Continuous View to find malicious activity generated by malware. These include:
- NetFlow detection of botnets and anomalies
- Spanned switch port detection of botnets and anomalies
- Credentialed malware and botnet scans
- Nessus Agent-based mobile endpoint malware and botnet monitoring
- Log Correlation Engine client-based mobile endpoint malware and botnet monitoring
This paper will be especially useful for IT security professionals evaluating the continuous network monitoring capabilities of SecurityCenter Continuous View. Likewise, current Tenable customers who have not yet deployed all of the capabilities of SecurityCenter Continuous View will gain a greater understanding of how they can benefit from the platform’s ability to detect malicious activity.