Blue team handbook vol. 2 : SOC, SIEM, and threat hunting use cases notes from the field : a condensed field guide for the security operations team (v1.02) /
Don Murdoch ; illustrated by Bonnie Murdoch.
- Columbia, South Carolina : [no publisher], 2018.
- v, 256 pages : black and white illustrations ; 25 cm.
Support material for Information Cybersecurity.
Preface, 7 -- Foreword, 11 -- Introduction, 13 -- Security operations center field notes, 15 -- Security monitoring use cases by data source, 61 -- SOC and SIEM use case template, 133 -- Complete SOC and SIEM use case example, 139 -- Partial SOC use cases, 145 -- A day in the life of a SOC analyst, 149 -- Alarm investigation process, 159 -- Applying threat hunting practices to the SOC, 171 -- SIEM field notes, 191 -- Timekeeping and event times, 213 -- Manual log analysis for IR and the SOC, 219 -- Log management, 223 -- Security Onion: Effective network security monitoring, 233 -- Continuous monitoring, 236 -- Security architecture considerations, 239 -- Useful reports, references, and standards, 245 -- Common TCP and UDP ports, 249 -- Bibliography and references, 253 -- Index, 255.
9781091493896
Computer security. Computer networks.