Get a Pentest and security assessment of your IT network.

News

Security Event Correlation: Looking Back, Part 2

Security Event Correlation: Looking Back, Part 1 I discussed a story from November 2000 about security event correlation. The article shows how an adversary scans for CGI scripts phf, formmail, and survey.cgi, and how four data sources — a router, a firewall, an IDS, and a Web server — see the reconnaissance events. There is zero mention of whether the target of this incident matters, or what compensating controls might exist, or a dozen other lacking contextual issues. In other words, correlation isn’t the governing principle; access to the right sort of evidence dominates.”]

Source: https://taosecurity.blogspot.com/2008/10/security-event-correlation-looking-back_25.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2