Enterprise networks can contain valuable information that forms an increasingly attractive target for malicious actors. Useful techniques for securing endpoints in a network against malicious activity are described by way of example in commonly-owned U.S. patent application Ser. No. 14/263,955, filed on Apr. 28, 2014, U.S. application Ser. No. 14/485,759, filed on Sep. 14, 2014, and U.S. patent application Ser. No. 15/042,862, filed on Feb. 12, 2016, each of which is hereby incorporated by reference in its entirety.
There remains a need for improved network security network security based on monitoring network flows for endpoints to prevent, e.g., data leakage and other negative consequences for compromised endpoints.