Detecting Compromised Systems: Analysing the top eight indicators of threat traffic

Client: LogRhythm EMEA
Format: Whitepaper
Size: 485 KB
Language: English
Date: 02.08.2018


Key indicators of a compromise can be found by analysing the network traffic from outbound connections—specifically, traffic coming from an endpoint on your internal network and connecting through your firewall to something on the internet. Focusing on this threat traffic will give your organisation visibility into early indicators of a potential threat.

The goal is to detect a compromised endpoint. Endpoint security solutions certainly assist with this aim, but whether or not you have such technology deployed, analysing anomalous network traffic is critical to detecting ongoing compromises. So, what are the best ways to identify a compromise from network traffic alone?

In this paper, we review eight sets of network-related traffic, from the potentially suspicious to the downright malicious, and discuss how you can use each to detect a compromised system.
