Amazon cover image
Image from Amazon.com

Building an intelligence-led security program / Allan Liska ; Tim Gallo, technical editor.

By: Contributor(s): Publisher: Amsterdam : Elsevier, [2014]Copyright date: ©2015Description: 1 online resource (xv, 175 pages) : illustrationsContent type:
  • text
Media type:
  • computer
Carrier type:
  • online resource
ISBN:
  • 9781322480787
  • 1322480788
  • 9780128023709
  • 0128023708
Subject(s): Genre/Form: Additional physical formats: Print version:: Building an intelligence-led security program.LOC classification:
  • TK5105.59 .L57 2015eb
Online resources:
Contents:
Understanding the threat -- What is intelligence? -- Building a network security intelligence model -- Gathering data -- Internal intelligence sources -- External intelligence sources -- Fusing internal and external intelligence -- CERTs, ISACs, and intelligencec-sharing communities -- Advanced intelligence capabilities.
Summary: As recently as five years ago, securing a network meant putting in a firewall, intrusion detection system, and installing antivirus software on the desktop. Unfortunately, attackers have grown more nimble and effective, meaning that traditional security programs are no longer effective. Today's effective cyber security programs take these best practices and overlay them with intelligence. Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. Properly-implemented intelligence also makes the life of the security practitioner easier by helping him more effectively prioritize and respond to security incidents. The problem with current efforts is that many security practitioners don't know how to properly implement an intelligence-led program, or are afraid that it is out of their budget. Building an Intelligence-Led Security Program is the first book to show how to implement an intelligence-led program in your enterprise on any budget. It will show you how to implement a security information a security information and event management system, collect and analyze logs, and how to practice real cyber threat intelligence. You'll learn how to understand your network in-depth so that you can protect it in the best possible way. Provides a roadmap and direction on how to build an intelligence-led information security program to protect your company. Learn how to understand your network through logs and client monitoring, so you can effectively evaluate threat intelligence. Learn how to use popular tools such as BIND, SNORT, squid, STIX, TAXII, CyBox, and splunk to conduct network intelligence.
Item type: eBooks
Star ratings
    Average rating: 0.0 (0 votes)
No physical items for this record

Includes bibliographical references and index.

Understanding the threat -- What is intelligence? -- Building a network security intelligence model -- Gathering data -- Internal intelligence sources -- External intelligence sources -- Fusing internal and external intelligence -- CERTs, ISACs, and intelligencec-sharing communities -- Advanced intelligence capabilities.

Print version record.

As recently as five years ago, securing a network meant putting in a firewall, intrusion detection system, and installing antivirus software on the desktop. Unfortunately, attackers have grown more nimble and effective, meaning that traditional security programs are no longer effective. Today's effective cyber security programs take these best practices and overlay them with intelligence. Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. Properly-implemented intelligence also makes the life of the security practitioner easier by helping him more effectively prioritize and respond to security incidents. The problem with current efforts is that many security practitioners don't know how to properly implement an intelligence-led program, or are afraid that it is out of their budget. Building an Intelligence-Led Security Program is the first book to show how to implement an intelligence-led program in your enterprise on any budget. It will show you how to implement a security information a security information and event management system, collect and analyze logs, and how to practice real cyber threat intelligence. You'll learn how to understand your network in-depth so that you can protect it in the best possible way. Provides a roadmap and direction on how to build an intelligence-led information security program to protect your company. Learn how to understand your network through logs and client monitoring, so you can effectively evaluate threat intelligence. Learn how to use popular tools such as BIND, SNORT, squid, STIX, TAXII, CyBox, and splunk to conduct network intelligence.

Elsevier ScienceDirect All Books

Previous
Back to results
Next
Close

Copyright © 2020 Alfaisal University Library. All Rights Reserved.
Tel: +966 11 2158948 Fax: +966 11 2157910 Email: librarian@alfaisal.edu