Foreword

If a tree falls in the forest but nobody is around to hear it, does it make a sound? Philosophers and physicists have volleyed that brainteaser for years. But consider it as a metaphor for your computer systems. If an event is logged on your network, but nobody monitors your logs, how can you determine whether an attack occurred? By missing out on the opportunity to catch bad guys early through solid event analysis, you’ve extended and deepened your exposure to the attacker’s foul plot. You’ll never know what’s going on until the bad guys start making blatant changes on your systems, wreaking all kinds of damage. In many modern enterprise networks, Security Information Management tools, or SIMs for short, are crucial in helping to manage, ...

Get Security Monitoring with Cisco Security MARS now with the O’Reilly learning platform.