SOC monitoring - Technical Guidance
April 22, 2024, 8:39 p.m. | /u/Good_Till_970
cybersecurity www.reddit.com
I'm NOT interested in the structure, the teams, policies and procedures. Although they are super important, let's assume they're already in place.
I'm looking for something more technical. For example:
* Agents on endpoints must send logs to a SIEM. Directly to SIEM or to a forwarder node, depending on the network structure?
* All firewall logs should be monitored.
* Network traffic …