Beyond intrusion detection
Making sense of security software event logs, whether it's from your firewall or an expensive intrusion detection system, can be like trying to drink from a fire hose. Even when you find a real problem, what do you do?
But intrusion detection is definitely not a bad idea. No matter how smart you think you are, you've probably overlooked something in your firewall configuration.
Liz Simpson talks about intrusion detection and uses two security companies - Counterpane and Securify - to describe the difference in their approach.
[ Read more ]
- News: IDS Evasion Techniques and Tactics (7 May 2002)
- Article: Structural versus Operational Intrusion Detection (8 April 2002)
- Article: Interpreting Network Traffic: A Network Intrusion Detector's Look At Suspicious Events (4 April 2002)
- Press Release: Securify SecurVantage Security Metrics Set Baseline for Verifying Network Security Health (1 April 2002)
- Article: Information Warfare: When Intrusion Detection Isn't Enough (1 April 2002)