In a previous post, we looked at an example of a fictional bookstore company and recommended mirroring strategies for that specific scenario. In this post, we’ll be looking at a fictional bank and recommended mirroring strategies for their network traffic. For a list of the most commonly used strategies, check out our traffic mirroring tutorial.

One of the core value propositions of AIOps platforms is to increase IT efficiency & productivity by applying AI & ML techniques to perform Alert Noise Reduction. This in turn translates to direct cost reduction due to savings in IT man-hours. In this approach, the AIOps platform kind of becomes like a gatekeeper for all the IT alerts/events, and it can help effectively, reduce and correlate such events, so as to send meaningful incidents to NOC or Service Desk.

At Devo, we take pride in providing our customers with innovations that enable them to derive tremendous value from our Platform and applications as they work to keep their organizations secure. That ongoing commitment is embodied in our newest offering — Devo Exchange.

You have to capture everything to investigate security issues thoroughly, right? More often than not, data that at one time was labeled irrelevant and thrown away is found to be the missing piece of the puzzle when investigating a malicious attacker or the source of an information leak. So, you need to capture every network packet.

The SURGe team at Splunk is always exploring new methods and tools to make our lives easier. Today we’d like to share some of that work with you. Before we dive into the what and how, I’d like to briefly explain the why.