Introduction

Security Event Management (SEM) systems, Security Information Management (SIM) systems, and Security Threat Mitigation (STM) systems are all solutions with a primary goal of making it easier to determine when bad things are happening on your network. Ideally, the tools we use to correlate events between various network and security devices or software will detect malicious behavior before damage is done, rather than letting us know when we’ve already been compromised.

This book is intended to describe how a third-generation tool, the Cisco Security Monitoring, Analysis, and Response System (CS-MARS), performs as an STM solution.
