Cyber security analysts utilize a range of technologies to achieve visibility of threats at network and endpoint levels.
Cyber security monitoring tools include Security Information and Event Management (SIEM) and Intrusion Detection Systems (IDS).
SIEM systems collect, manage and correlate log information from a range of sources to provide a holistic view of security posture and generate alerts for investigation by cyber security analysts. IDS combines network (NIDS) and host (HIDS) based methods to analyze network traffic and identify anomalous activity.
Endpoint Security Monitoring
Endpoint detection technologies provide visibility of activity such as file executions and registry changes across desktops, laptops, and servers. This empowers cyber security analysts to look deeper into IT infrastructure to hunt for, detect and terminate threats.
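The correlation step described above, as an added example that is not part of the original post: a network alert and the endpoint events that follow it on the same host are joined into a single alert for an analyst. The event schema, host names, the event type names and the rule itself are assumptions made for illustration, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events, already normalized to one schema, as a SIEM
# would do after collecting from a NIDS sensor and endpoint agents.
EVENTS = [
    {"ts": "2024-05-01T10:00:05", "source": "nids", "host": "ws-17", "type": "suspicious_download"},
    {"ts": "2024-05-01T10:01:10", "source": "endpoint", "host": "ws-17", "type": "file_execution"},
    {"ts": "2024-05-01T10:02:30", "source": "endpoint", "host": "ws-17", "type": "registry_change"},
    {"ts": "2024-05-01T10:03:00", "source": "endpoint", "host": "srv-02", "type": "file_execution"},
    {"ts": "2024-05-01T11:30:00", "source": "endpoint", "host": "ws-17", "type": "registry_change"},
    {"ts": "2024-05-01T12:00:00", "source": "nids", "host": "ws-40", "type": "suspicious_download"},
]

# Hypothetical rule: a network alert followed, in order, by these endpoint
# events on the same host inside a short time window.
RULE_SEQUENCE = ["suspicious_download", "file_execution", "registry_change"]
WINDOW = timedelta(minutes=5)


def correlate(events, sequence=RULE_SEQUENCE, window=WINDOW):
    """Return one alert per host where `sequence` occurs in order within `window`."""
    by_host = {}
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO timestamps sort as text
        by_host.setdefault(ev["host"], []).append(ev)
    alerts = []
    for host, evs in by_host.items():
        for i, first in enumerate(evs):
            if first["type"] != sequence[0]:
                continue
            start = datetime.fromisoformat(first["ts"])
            matched, want = [first], 1
            for ev in evs[i + 1:]:
                # Stop once the rule is satisfied or the window has closed.
                if want == len(sequence) or datetime.fromisoformat(ev["ts"]) - start > window:
                    break
                if ev["type"] == sequence[want]:
                    matched.append(ev)
                    want += 1
            if want == len(sequence):
                alerts.append({"host": host, "start": first["ts"], "end": matched[-1]["ts"],
                               "sources": sorted({e["source"] for e in matched})})
                break  # one alert per host is enough for triage
    return alerts


if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

Neither the lone file execution on srv-02 nor the lone network alert on ws-40 raises anything; only the ordered chain across both sources on one host does.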