Yes, ma'am, we are on the same page. :)
Monitoring logs may not BE security in the classical sense, but it should be a security enabler. Things like: * why am I seeing ingress/egress traffic to an IP I thought was firewalled? * why am I seeing triggers to IDS…
Yes, ma'am, we are on the same page. :)
Monitoring logs may not BE security in the classical sense, but it should be a security enabler. Things like: * why am I seeing ingress/egress traffic to an IP I thought was firewalled? * why am I seeing triggers to IDS…