The Practice of Network Security Monitoring by Richard Bejtlich
Author: Richard Bejtlich
Language: eng
Format: epub, mobi
Tags: COMPUTERS / Security / General
ISBN: 9781593275341
Publisher: No Starch Press
Published: 2013-07-25T16:00:00+00:00
Part IV. NSM in Action
Chapter 9. NSM Operations
Analysts need tools to find intruders, but methodology is more important than software. Tools collect and interpret data, but methodology provides the conceptual model. Analysts must understand how to use tools to achieve a particular goal, but it’s important to start with a good operational model, and then select tools to provide data supporting that model.
Too many security organizations put tools before operations. They think “we need to buy a log management system” or “I will assign one analyst to antivirus duty, one to data leakage protection duty,” and so on. A tool-driven team will not be as effective as a mission-driven team. When the mission is defined by running software, analysts become captive to the features and limitations of their tools. Analysts who think in terms of what they need in order to accomplish their mission will seek tools to meet those needs, and keep looking if their requirements aren’t met. Sometimes they even decide to build their own tools.
This chapter provides a foundation for developing an NSM operational model that will work for your organization. We’ll start with an overview of the enterprise security cycle.