Plixer Blog

Featured Entries

Various network nodes with security locks, representing encrypted traffic visibility

How To Investigate Encrypted Traffic Without Decrypting It

Most malicious traffic is encrypted, and in real environments, you usually don’t have the keys to inspect it. You can still investigate encrypted traffic effectively by analyzing behavior such as who is communicating, how often, how much data is transferred, and when that behavior ...

Continue Reading

Representation of lateral movement: attack spreads through a network from a central point

How To Detect Lateral Movement: A Step-by-Step Guide

Blocks of data in a digital environment. Most of the blocks are clear but one is red, representing AI-powered anomaly detection

How Network Anomaly Detection Works (And Why It Matters)

Cloud network security: a representation of the cloud in a digital space

Network Troubleshooting: How To Diagnose Network Outages Faster

An alert touches multiple segments of the network, representing the challenge to reduce false positives

How to Reduce False Positives with Shared Context

All

Magnifying glass on top of a diagram that looks like both a fingerprint and a network, representing end-to-end network troubleshooting

Network Operations

Why Most Performance Investigations Start in the Wrong Place

When users report that “the network is slow,” most investigations begin where frustration is loudest. That may be, for

Read More

A padlock silhouetted against a dark background, surrounded by a spray of white particles, representing password spraying detection.

Security Operations

What Password Spraying Looks Like in Raw Network Telemetry

Password spraying is usually described in terms of failed logins and account lockouts. But before a SIEM rule fires

Read More

White speech bubbles containing question marks, representing the questions to ask while network troubleshooting

Network Operations

Five Questions to Ask Before Escalating a Network Issue

When performance drops or users report that “the network is slow,” escalation often feels like the safest move. But

Read More

Multiple data streams flow independently, but together form one fabric, representing packet replication

Network Operations

When One Packet Stream Needs to Feed Five Tools

In most environments today, one packet stream rarely serves a single purpose. Let’s say a SPAN or ERSPAN session

Read More

Radar scans a digital network, representing flow-based threat hunting

Security Operations

How Flow Data Supports Threat Hunting Without Drowning Analysts

Threat hunting should feel deliberate. You should be able to follow a path, validate a suspicion, and document what

Read More

A magnifying glass uncovers an alert midway along a progress bar, representing network baselining and troubleshooting

Deep Network Observability

Proving Nothing Changed: The Most Overlooked Troubleshooting Skill

When something breaks, teams instinctively look for what changed. Maybe a new deployment or a firewall rule pushed late

Read More

Security padlock and connecting lines in a digital environment, representing firewall change validation

Network Security

What Changed After the Firewall Update? Let the Traffic Answer

Firewall updates rarely fail in obvious ways. Everything looks like it’s going smoothly, but then a day or two

Read More

Many nodes on a network, representing the scaling challenges that flow-first visibility helps overcome

Network Operations

Scaling Visibility Across Sites Without Deploying Probes Everywhere

As networks grow, visibility often scales the wrong way. New branch offices, cloud regions, and remote environments bring new

Read More