Security operations center (SOC) teams have completely given up on network intrusion detection and prevention sensors. 70 to 85 percent of sensors deployed are not performing for their owners, author says. Sensitivity in a network sensor is directly related to the number, diversity and effectiveness of signatures enabled on your devices. Compliance is our own worst enemy. Network monitoring is essential, but an organization can still be compliant if it barely works, he says. There are three aspects to consider when evaluating network sensor grids, including visibility, sensitivity and defensive utility.
Source: https://threatpost.com/making-sense-security-sensor-landscape/161911/