all InfoSec news
SOC monitoring - Technical Guidance
April 22, 2024, 8:39 p.m. | /u/Good_Till_970
cybersecurity www.reddit.com
I'm NOT interested about the structure, the teams, policies and procedures. Although they are super important, let's assume they 're already in place.
I'm looking for something more technical.For example:
* Agents on endpoints must send logs to a SIEM. Directly to SIEM or to a forwarder node, depending on the network structure?
* All firewall logs should be monitored.
* Network traffic …
agents best practices building cybersecurity endpoints guidance important logs medium monitoring policies policies and procedures practices procedures resources send soc structure super teams technical
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Senior Security Engineer - Detection and Response
@ Fastly, Inc. | US (Remote)
Application Security Engineer
@ Solidigm | Zapopan, Mexico
Defensive Cyber Operations Engineer-Mid
@ ISYS Technologies | Aurora, CO, United States
Manager, Information Security GRC
@ OneTrust | Atlanta, Georgia
Senior Information Security Analyst | IAM
@ EBANX | Curitiba or São Paulo
Senior Information Security Engineer, Cloud Vulnerability Research
@ Google | New York City, USA; New York, USA