Network security has evolved well beyond packet inspections and signature mapping as malware, zero-day exploits and advanced persistent threats continue to outpace older technologies. As applications, systems and users continue to test network security, the technologies for system and network configuration management, enterprise vulnerability scanning and antimalware have advanced to help security teams monitor network traffic and detect abnormalities in dynamic IT environments. As these technologies become increasingly available, many organizations are re-evaluating continuous network monitoring as a best practice for cybersecurity.
In this video, Dave Shackleford discusses how to implement a continuous monitoring program with help from widely used tools and vendors who are focused on enhancing the technology.
Integrating continuous monitoring into your security program can improve everything from configuration and patch management to event monitoring and incident response.
What to monitor is a key question in the early stages of a continuous monitoring program. Shackleford offers some tips to help you get started.
About the author
Dave Shackleford is the owner and principal consultant of Voodoo Security LLC; lead faculty at IANS; and a SANS analyst, senior instructor and course author. He previously worked as CSO at Configuresoft; as CTO at the Center for Internet Security; and as a security architect, analyst and manager for several Fortune 500 companies. He currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance.
Read the full October edition of Information Security magazine