Data Analysis in Security Monitoring Activities
In this chapter you will learn:
• Best practices for security data analytics using automated methods
• Common sources of system and event logs, and methods of analyzing them for security operations
• Advanced techniques for e-mail analysis
• Processes to help you continually improve your security operations
Experts often possess more data than judgment.
Modern corporate networks are incredibly diverse environments, with some generating gigabytes of log and event data every day. Ad hoc scripting and early monitoring utilities are quickly approaching the end of their usefulness, because the variety and volume of data now exceed what ...