TY - BOOK
AU - Murdoch, Don
AU - Murdoch, Bonnie
TI - Blue team handbook vol. 2 : SOC, SIEM, and threat hunting use cases notes from the field : a condensed field guide for the security operation team (v1.02)
SN - 9781091493896
AV - TK 5105 .59 .M87 2018
PY - 2018///
CY - Columbia, South Carolina
PB - [no publisher]
KW - Computer security
KW - Computer networks
N1 - Supporting material for Cyber Information Security; Preface, 7 -- Foreword, 11 -- Introduction, 13 -- Security operation center field notes, 15 -- Security monitoring use cases by data source, 61 -- SOC and SIEM use case template, 133 -- Complete SOC and SIEM use case example, 139 -- Partial SOC use cases, 145 -- A day in the life of a SOC analyst, 149 -- Alarm investigation process, 159 -- Applying threat hunting practices to the SOC, 171 -- SIEM field notes, 191 -- Timekeeping and event times, 213 -- Manual log analysis for IR and the SOC, 219 -- Log management, 223 -- Security onion: Effective network security monitoring, 233 -- Continuous monitoring, 236 -- Security architecture considerations, 239 -- Useful reports, references, and standards, 245 -- Common TCP and UDP ports, 249 -- Bibliography and references, 253 -- Index, 255
ER -