[SANS ISC] Security Monitoring: At Network or Host Level?

I published the following diary on isc.sans.edu: “Security Monitoring: At Network or Host Level?“:

Today, to reach a decent security maturity, the keyword remains “visibility”. There is nothing more frustrating than being blind about what’s happening on a network or starting an investigation without any data (logs, events) to process. The question is: how to efficiently keep an eye on what’s happening on your network? There are three key locations to collect data… [Read more]

[The post [SANS ISC] Security Monitoring: At Network or Host Level? has been first published on /dev/random]

Article Link: https://blog.rootshell.be/2019/10/16/sans-isc-security-monitoring-at-network-or-host-level/