Sep 04, 2013
Strategy: How Existing Security Data Can Help ID Potential Attacks
Most enterprises have a wealth of security information, all of which can potentially be analyzed to identify possible attacks. That’s easier said than done, however. Company firewalls, IPS/IDS devices and many other security appliances collect information. PCs, servers and many other devices collect log data. Security information and event management systems aggregate security event information but don’t necessarily interpret it.
What’s needed is a way to evaluate all of this data and correlate it to find potential attacks or existing breaches. In this Dark Reading report, we look at the basic steps of security analytics, and identify the tools and skills the enterprise must have to perform this kind of deep analysis. (S7330913)