Chapter 5: Introduction to Security Monitoring

Up until now, we have discussed proper industrial control system (ICS) network architecture design and how to build the ICS infrastructure with security, resilience, and uptime in mind. We will now look at how the security monitoring tools, techniques, and activities introduced in the previous chapter can add visibility to the overall ICS cybersecurity posture. In the second part of this book, we will examine the many facets of security monitoring. We will define the three main methods of security monitoring: passive security monitoring, active security monitoring, and threat hunting. We will see the methodologies behind the three types, as well as play with example tools and techniques, and ...

Get Industrial Cybersecurity - Second Edition now with the O’Reilly learning platform.
