Feb 14, 2021
Ronnie Watson (@secopsgeek)
Youtube: watson infosec - YouTube
Feel free to add anything you like
Wazuh - fork of OSSEC (Migrating from OSSEC · Wazuh · The Open Source Security Platform)
GitHub - ossec/ossec-hids: OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
What to track.
Some suggested metrics to start with:
Security metrics are essential to comprehensive network security and CSA management. Without good metrics, analysts cannot answer many security related questions. Some examples of such questions include “Is our network more secure today than it was before?” or “Have the changes of network configurations improved our security posture?”
The ultimate aim of security metrics is to ensure business continuity (or mission success) and minimize business damage by preventing or minimizing the potential impact of cyber incidents.
DNS over HTTPs DNS over HTTPS - Wikipedia