Chapter 14: Security Operations

In this chapter, we will cover security operations and how monitoring tools can be incorporated into the security team's operational workflows. Just as an organization needs a technical operations team, it needs a security operations team, or Security Operations Center (SOC), backed by a security operations program. This team's day-to-day responsibilities include 24/7 monitoring of, and response to, any security-related incidents that affect your environment or end users. This is a critical component and a necessity of an overall security program: recent trends show that attackers operate during off hours, weekends, and holidays to avoid detection and maximize damage.

In this chapter, we will focus on the Microsoft technologies available that can ...

Source: Mastering Windows Security and Hardening - Second Edition (O'Reilly).