References
Drain CVR by Mandiant, 2016. Published by NIST. Read here
Cats Got Your Files: Lynx Ransomware by The DFIR Report Security Team, November 2025. Published by The DFIR Report. Read here
Can We Have NDR Please? by Anton Chuvakin, September 18, 2018. Published by Gartner. Read here
Applying Network-Centric Approaches for Threat Detection and Response, by Gartner, March 2019. Published by Gartner. Read here (login required)
Market Guide for Network Detection and Response, by Gartner, June 2020. Published by Gartner. Read here (login required)
The Tao of Network Security Monitoring: Beyond Intrusion Detection by Richard Bejtlich, 2004. Published by Addison-Wesley Professional. Learn more
New Network-Based Detections and Improved Device Discovery Using Zeek, by Elad Solomon, October 20, 2022. Published by Microsoft. Read here
Enabling SOHO Network Security Monitoring, by Richard Bejtlich, October 19, 2022. Published by Corelight. Read here
Impacket - Collection of Python classes for working with network protocols by Fortra, LLC Read here
Corelight Investigator by Corelight, Inc. Read here
Cobalt Strike, a Defender’s Guide - Part 2 by The DFIR Report. January 24, 2022 Read here