Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Internet Security | DShield SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Day 11 - Identification: Other Methods of Identifying an Incident

Well, today is Day 11 of the Cyber Security Awareness Month and the last day of Identification.

We have covered in the last few days the more common methods of deciding that an event is actually an incident, including:

  • Events versus Incidents
  • Network-based Intrusion Detection Systems
  • Host-based Intrusion Detection Systems
  • Global Incident Awareness
  • Log and Audit Analysis
  • Using Your Help Desk to Identify Security Incidents

But today, we're interesting in hearing your stories from the field on unusual, interesting, and even funny stories of how you made the decision point of moving from event to incident. Drop us a note via the contact form, and we'll update the diary as we go along


89 Posts
Oct 11th 2008

Sign Up for Free or Log In to start participating in the conversation!