12. Case Studies for Managers

This chapter addresses the three most common NSM scenarios faced by technical managers. I present each case from the perspective of a semifictional organization that must address these issues. You will not find this exact company in the phone book, but you may know of real companies that have many of the same characteristics.

In the first case study, I discuss emergency NSM in an incident response. Because few organizations currently deploy NSM-centric solutions, victims often discover their networks are not adequately monitored. This section shows how to use NSM once an organization is already compromised. You'll see that NSM is helpful to scope the extent of an intrusion, choose response measures, and validate ...

Get The Tao of Network Security Monitoring Beyond Intrusion Detection now with the O’Reilly learning platform.
