Our new white paper, “Network Perimeter Defense: Analyzing the Data,” has now been released. Read the paper for tips on how to improve your data collection and analysis capabilities.
Abstract: An organization or security analyst can quickly become overwhelmed with monitoring logs and responding to security alerts. One problem is that, in order to be thorough, more logs will need to be collected than any team can realistically expect to check and respond to in a reasonable amount of time. Having a mature, effective security analysis operation, however, will allow important events to receive the attention they require. The first key to having a mature security analysis operation is to understand the normal, baseline operation of your networks. The second is to automate the collection and analysis of logs as much as possible, so that human time and resources are only being used to investigate events which require a human intellect to make sense of. The purpose of this paper is to provide tips for how to accomplish these two goals.

Download Network Perimeter Defense: Analyzing the Data