Security Trend Analysis

  • Ways to look at the past and try to predict the future. A way to be proactive.

  • Trend analysis

  • What to look for?

    • Frequency based. Network traffic spikes. Logon failures. CPU usage spikes. Errors.

    • Volume based. How much of a resource is consumed. Log usage. Events in a timeframe. Network traffic volume.

    • Monitoring – Too much information!

      • Tune down sensitivity.

      • Or ignore it.

    • Alerts vs Security Incidents

    • Compliance audits

    • News on new vulnerabilities

      • SANS

      • Dark Reading

      • Microsoft Defender Security

      • FireEye

      • AlienVault

      • Symantec

      • Cisco Talos

    • SIEM can help collect information and look at trends.
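
A frequency-based check of the kind listed above (logon failures per hour against a rolling baseline), as an added example that is not part of the original notes. The sshd-style log format, the sample lines and the `window`, `k` and `floor` parameters are assumptions constructed for illustration; `floor` and `k` are the "tune down sensitivity" knobs.

```python
import re
import statistics
from collections import Counter
from datetime import datetime, timedelta

# Assumed sshd-style line format with an ISO timestamp; captures the hour bucket.
FAILED = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}):\d{2}:\d{2} \S+ sshd\[\d+\]: Failed password for ")
FMT = "%Y-%m-%dT%H"

def build_sample_log():
    """Constructed data: 2-4 failures per hour, except a burst of 40 in hour 12."""
    per_hour = [3, 2, 4, 3, 2, 3, 4, 2, 3, 3, 2, 4, 40, 3]
    start = datetime(2024, 1, 1)
    lines = []
    for hour, count in enumerate(per_hour):
        for i in range(count):
            ts = (start + timedelta(hours=hour, seconds=i)).isoformat()
            lines.append(f"{ts} host1 sshd[100]: Failed password for user{i % 3} from 192.0.2.10 port 22 ssh2")
        ts = (start + timedelta(hours=hour, minutes=30)).isoformat()
        lines.append(f"{ts} host1 sshd[100]: Accepted password for alice from 192.0.2.20 port 22 ssh2")
    return lines

def failures_per_hour(lines):
    """Return [(hour, count)] for every hour in range; quiet hours count as 0."""
    counts = Counter(m.group(1) for m in map(FAILED.match, lines) if m)
    if not counts:
        return []
    hour, last = (datetime.strptime(h, FMT) for h in (min(counts), max(counts)))
    series = []
    while hour <= last:
        key = hour.strftime(FMT)
        series.append((key, counts[key]))
        hour += timedelta(hours=1)
    return series

def find_spikes(series, window=6, k=3.0, floor=10):
    """Flag hours whose count exceeds max(floor, mean + k*stdev) of the prior window."""
    spikes = []
    for i in range(window, len(series)):
        baseline = [c for _, c in series[i - window:i]]
        threshold = max(floor, statistics.mean(baseline) + k * statistics.pstdev(baseline))
        if series[i][1] > threshold:
            spikes.append(series[i])
    return spikes

if __name__ == "__main__":
    series = failures_per_hour(build_sample_log())
    print("tuned:    ", find_spikes(series))
    print("sensitive:", find_spikes(series, k=1.0, floor=0))
```

With the tuned defaults only the burst hour is flagged; with `k=1.0, floor=0` ordinary hour-to-hour variation also alerts, which is the "too much information" problem in miniature.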
