Preview Mode Links will not work in preview mode

Feb 14, 2021

Ronnie Watson (@secopsgeek)

Youtube: watson infosec - YouTube

watsoninfosec (Watsoninfosec) · GitHub

 

Feel free to add anything you like

Wazuh - fork of OSSEC (Migrating from OSSEC · Wazuh · The Open Source Security Platform)

 

GitHub - ossec/ossec-hids: OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

Implementing a Network Security Metrics Programs (giac.org)

What to track.

Some suggested metrics to start with: 

  1. Number of Successful Logons – from security audits. 
  2. Number of Unsuccessful Logons – from security audits. 
  3. Number of Virus Infections during a given period. 
  4. Number of incidents reported. 
  5. Number of security policy violations during a given period. 
  6. Number of policy exceptions during a given period. 
  7. Percentage of expired passwords.
  8. Number of guessed passwords – use a password cracker to test passwords. 
  9. Number of incidents. 
  10. Cost of monitoring during a given period – use your time tracking system if you have one.

6 Essential Security Features for Network Monitoring Solutions (solutionsreview.com)

Metrics of Security (nist.gov)

Security metrics are essential to comprehensive network security and CSA management. Without good metrics, analysts cannot answer many security related questions. Some examples of such questions include “Is our network more secure today than it was before?” or “Have the changes of network configurations improved our security posture?”

The ultimate aim of security metrics is to ensure business continuity (or mission success) and minimize business damage by preventing or minimizing the potential impact of cyber incidents. 

 

DNS over HTTPs  DNS over HTTPS - Wikipedia