Identifying the signs of a security incident requires the deployment of various security solutions and log sensors. The sources of infections include IDS/IPS, SIEM, antivirus, file-integrity monitoring, OS/network logs, and public and known vulnerabilities. The deployment of the whole enterprise's security controls may refer to the CIS Critical Security Controls for Effective Cyber Defense (you can find the information at https://www.cisecurity.org/controls/).

These consist of 20 security controls, as summarized in the following table. There are many commercial solutions in each security control, but only open source solutions are listed in the table: