Karen Scarfone has nearly 25 years of professional IT experience, with over 15 years of that dedicated to information security. As a managing consultant at CyberEdge, Karen oversees security content development, custom research, and publishing projects.
My colleague, Steve Piper, and I just finished writing a free e-book: The Definitive Guide to Security Intelligence and Analytics. In this comprehensive e-book, we cover how you can use security intelligence and analytics technologies to greatly improve detection and to stop threats before damage can be done.
The e-book has three main purposes:
In the e-book, you’ll also learn how to understand attacks and threats, improve detection, streamline response processes, select the right solution, and deploy a solution.
One of the most important topics covered by the book is using security analytics techniques to automate the discovery of security events, minimizing the need for human involvement.
Most organizations generate far more security events than their analysts could ever review by hand, so continuous review is only possible with heavy reliance on automation. Automating security analytics lets an organization detect malicious activity much sooner, which in turn lets it stop the activity and limit the damage it would otherwise cause.
A security intelligence and analytics platform uses several types of techniques together for threat detection. One technique is for the platform to establish baselines over time for normal activity and then identify significant changes from those baselines.
Another technique is to use threat intelligence feeds from third parties that capture the characteristics of the latest threats attacking other organizations and individuals around the world.
A final example of a threat detection technique is correlation: combining information from several of the organization’s systems and security controls to recognize a single attack whose traces are spread across all of them, even though no one system sees enough on its own to raise an alert.
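As an added illustration (not code from the e-book, from LogRhythm, or from the authors), the following Python script runs each of the three techniques just described over a handful of constructed events. The host names, addresses, the indicator feed, the z-score threshold and the ten-minute correlation window are all assumptions chosen for the example; a real platform normalizes events from many more sources and tunes these parameters per environment.

```python
"""Added example: three automated detection techniques over constructed logs.

Not code from the e-book or from LogRhythm. The events, the indicator feed
and every threshold below are made up for illustration.
"""
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import mean, pstdev

# Constructed baseline: bytes sent per host per day over a quiet week.
HISTORY_BYTES = {
    "ws-17": [2.1e6, 1.8e6, 2.4e6, 1.9e6, 2.2e6, 2.0e6, 2.3e6],
    "ws-42": [5.0e6, 4.6e6, 5.3e6, 4.9e6, 5.1e6, 4.8e6, 5.2e6],
}
# Today's observation (constructed): ws-17 sends about 40x its usual volume.
TODAY_BYTES = {"ws-17": 85.0e6, "ws-42": 5.0e6}

# Constructed threat-intel feed, shaped like a third-party indicator list.
# 203.0.113.0/24 is documentation space (TEST-NET-3), not a real attacker.
THREAT_INTEL = {
    "ip": {"203.0.113.77"},
    "domain": {"updates-cdn.example"},
}

# Constructed events from three separate controls, already normalized to one
# schema (a real platform does that normalization on ingest).
EVENTS = [
    {"ts": "2024-04-02T09:01:10", "source": "vpn", "host": "ws-17", "user": "jsmith",
     "dst_ip": None, "domain": None, "action": "login"},
    {"ts": "2024-04-02T09:03:42", "source": "proxy", "host": "ws-17", "user": "jsmith",
     "dst_ip": "203.0.113.77", "domain": "updates-cdn.example", "action": "GET"},
    {"ts": "2024-04-02T09:04:05", "source": "endpoint", "host": "ws-17", "user": "jsmith",
     "dst_ip": None, "domain": None, "action": "new_service_installed"},
    {"ts": "2024-04-02T11:30:00", "source": "proxy", "host": "ws-42", "user": "mlee",
     "dst_ip": "93.184.216.34", "domain": "example.com", "action": "GET"},
]


def baseline_anomalies(history, today, z_threshold=3.0):
    """Technique 1: flag hosts whose value today deviates from their own
    history. Uses a z-score (assumption: one common choice, not the only one).
    Returns {host: z_score} for hosts at or above the threshold."""
    flagged = {}
    for host, samples in history.items():
        mu, sigma = mean(samples), pstdev(samples)
        if sigma == 0:
            sigma = 1.0  # avoid division by zero on a perfectly flat baseline
        z = (today.get(host, 0.0) - mu) / sigma
        if z >= z_threshold:
            flagged[host] = round(z, 1)
    return flagged


def match_threat_intel(events, intel):
    """Technique 2: match event fields against third-party indicators.
    Returns a list of (timestamp, source, host, [(indicator_type, value)])."""
    hits = []
    for ev in events:
        matched = []
        if ev.get("dst_ip") in intel["ip"]:
            matched.append(("ip", ev["dst_ip"]))
        if ev.get("domain") in intel["domain"]:
            matched.append(("domain", ev["domain"]))
        if matched:
            hits.append((ev["ts"], ev["source"], ev["host"], matched))
    return hits


def correlate(events, window=timedelta(minutes=10), min_sources=3):
    """Technique 3: group events by host and report hosts where at least
    `min_sources` distinct controls saw activity inside one time window."""
    by_host = defaultdict(list)
    for ev in events:
        by_host[ev["host"]].append((datetime.fromisoformat(ev["ts"]), ev))
    findings = []
    for host, items in by_host.items():
        items.sort(key=lambda pair: pair[0])
        for i, (t0, _) in enumerate(items):
            in_window = [e for t, e in items[i:] if t - t0 <= window]
            sources = {e["source"] for e in in_window}
            if len(sources) >= min_sources:
                findings.append({"host": host, "start": t0.isoformat(),
                                 "sources": sorted(sources),
                                 "chain": [e["action"] for e in in_window]})
                break  # one finding per host is enough for triage
    return findings


if __name__ == "__main__":
    print("baseline:", baseline_anomalies(HISTORY_BYTES, TODAY_BYTES))
    print("threat intel:", match_threat_intel(EVENTS, THREAT_INTEL))
    print("correlation:", correlate(EVENTS))
```

Each technique on its own produces a lead; together they tell a story: ws-17 logged in over VPN, fetched something from a known-bad address, had a new service installed within three minutes, and then pushed an unusual volume of data out. The value of the platform is that an analyst sees that chain as one case rather than three unrelated alerts (or, in the correlation case, no alert at all from any single control).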
Event discovery automation is just one example of a topic the e-book includes. It covers everything from understanding the basics of the cyberattack lifecycle and threat management to streamlining incident management, threat investigation, and threat mitigation processes. It even outlines the four phases of the security intelligence and analytics platform implementation process, providing insights and recommendations for performing each phase.
Thanks to LogRhythm, The Definitive Guide to Security Intelligence and Analytics e-book is available as a PDF for you to download.