03. Monitoring and Logging for Detection of Malicious Activity

Developing Your Intuition About Monitoring and Logging for Detection of Malicious Activity


ND545 C02 L03 A03 Developing Your Intuition

Developing Your Intuition About Monitoring and Logging for Detection of Malicious Activity Summary

Researching alerts is a simple job task. The key is learning and remembering what the context was when an alert turned out to be positive.

That is what builds your intuition.

The primary practical takeaway from this example is: don't become myopic when looking at alerts. Always widen the scope a bit and look at what happened just before and after.

Be aware of the Superman effect when dealing with security. If it seems impossible for someone to be in two places that are far apart, then it's time to secure the account.
