Security Incident Discovery and Correlation on .Gov Networks
• Presentation
In this presentation, the authors discuss their work on discovering and correlating security incidents on .gov networks.
Publisher
Software Engineering Institute
Abstract
Takeaways:
- Harness flow data to identify security events and incidents of interest across the enterprise.
- Develop automated queries to do work for you and vet results for accuracy.
- Tune appropriately.
- Use a layered view to present information and data pertinent to different levels of organizations in a user-friendly way.
- Customize different views across organizations:
  - Leadership / Security Operations
  - Technicians / Responders
  - Constituents
Part of a Collection
FloCon 2011 Collection
This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.