We love using Clarified Analyzer in our Traffic Audits. In addition to troubleshooting, we would like to see others use it for traffic audits too. Thus we are pleased to introduce special pricing for KPMG 2009 participants.
- Annual license (expires 2010-09-08)
- The price is for Hacknet 2009 KPMG participants:
  - Shared 15 000 EUR (VAT 0%) or
  - 2000 EUR (VAT 0%), whichever is cheaper
- Jani is allowed to come back next year to hear your experiences with Clarified Analyzer
ClarifiedVisualizationGallery - visualizations we've done in the past, using Analyzer and other tools developed by us.
Videos - YouTube videos explaining Analyzer and other visualizations we've done.
Synthesis of results
I didn't have time to go into how different tools and analysts can collaborate through the Collab-environment. The video below demonstrates how two completely different tools are able to collaborate through the Collab. First Jani labels an interesting host. Then Lari runs his Open Source Reconnaissance tools for that host. Then Jani downloads that information back to the Analyzer Earthview.
The Open Source Reconnaissance resembles what, for example, Maltego does. However, the concept, the collaborative approach, is somewhat different.
Topology NG on Malware
While Topology NG helps you quickly document a network setting, you can also use it to document a specific case. In the video below we demonstrate how you can do a traffic-based analysis of malware and document dropsites, command & control, etc. You may then use the case topology to explain the case to your colleagues or clients and to easily pick, for example, the packets to selected sites.
Every now and then people ask us to do intuitive custom visualizations for communicating a complex problem to high-level management. While you may use Clarified Analyzer to visualize network traffic, you might also want to visualize some textual data. The video below is one example of this. Our video visualizes the data collected by Doxpara. It shows how DNS servers are patched over time. If you pay close attention, you see bigger flashes, sweeping over the timezones, every time someone releases an advisory.
Red = Unpatched
Green = Patched
Yellow = Mixture of both.