What did I just see? Detection, Inference, and Identification

By Richard Bejtlich, Principal Security Strategist, Corelight

In the course of my network security monitoring work at Corelight, I’ve encountered the terms detection, inference, and identification. In this post I will examine what these terms mean, and how they can help you describe the work you do when investigating normal, suspicious, and malicious activity in […]