Designing and Building Security Operations Center by David Nathans

Appendix B

Security devices:
Types of security-relevant devices and systems that can be used to protect an organization and/or feed into a central logging server or SIEM system.
Active Directory
Antivirus
Anything that can send SNMP alerts and is security relevant
Anything that can send syslog and is security relevant
Application logs
Asset management system
Authentication logs
Change management system
Database application logs
Data loss prevention
DHCP server
DNS server
Email filtering
Email logs
Evidence collector
Firewall (host/network)
File transfer monitor
Forensic analysis systems
Honeypots
Key management system
Network- and host-based intrusion detection/prevention systems
Intelligence tools
NetFlow
Network access controls ...