Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks

This excerpt from the book "Network Security Monitoring" by Chris Fry and Martin Nystrom provides guidance on how to monitor network security effectively. The book focuses on targeted monitoring, which involves using a combination of policies, network knowledge, and event sources to identify security risks. The authors emphasize the importance of having documented network information, including IP addresses, subnets, and network functions, to provide context for security alerts. The book discusses how to analyze security events, including system logs, NIDS alerts, and NetFlow data, and provides strategies for configuring and managing monitoring systems. Examples and case studies illustrate best practices for monitoring specific networks, identifying potential threats, and mitigating security risks.You can listen and download our episodes for free on more than 10 different platforms:https://linktr.ee/cyber_security_summaryGet the Book now from Amazon:https://www.amazon.com/Security-Monitoring-Incident-Detection-Enterprise/dp/0596518161?&linkCode=ll1&tag=cvthunderx-20&linkId=bcd4ff6bcad1b256052eba45aa1d6619&language=en_US&ref_=as_li_ss_tlDiscover our free courses in tech and cybersecurity, Start learning today:https://linktr.ee/cybercode_academy

There are no comments yet.

Please log in to write the first comment.