Security Operations Center: Building, Operating and Maintaining your SOC by Joey Muniz, Nadhem AlFardan, Gary McIntyre

Chapter 6. Security Event Generation and Collection

“You will miss the best things if you keep your eyes shut.”—Dr. Seuss

This chapter covers ways to collect data from various sources so that it can be converted into a format useful to the security operations center (SOC). It provides many examples of data-producing sources, ranging from network firewalls to security software installed on end-user devices, and for each source covered it gives the steps for exporting that data to a centralized correlation utility. The chapter concludes with a discussion of how NetFlow-based behavior analytics can be tuned to alert the SOC to top areas of concern, such as network breaches or systems reaching maximum capacity. This can be extremely ...
