Blacklists are the mainstay of many security technologies protecting enterprise networks today. Although they are used practically everywhere, many people fail to understand what blacklists actually offer in the realm of protection - and how they're often used as a preemptive protection technology.
Add to that a complementary technology, clustering, which offers more advanced features in the realm of preemptive threat detection (and perhaps "protection") and is used to aid and extend blacklists.
To help explain these technological terms (and what's happening in this field of preemptive technology) I wrote a couple of technical blogs that were published in SC Magazine this week. With a bit of luck you'll find them educational and a bit of fun.
Part One: Blacklists, clustering and The Matrix
Part Two: Blacklists, clustering and The Matrix