{"title":"构建安全运营中心的最佳实践","authors":"Diana Kelley, Ron Moritz","doi":"10.1201/1086.1065898X/45782.14.6.20060101/91856.6","DOIUrl":null,"url":null,"abstract":"Abstract If one cannot effectively manage the growing volume of security events flooding the enterprise, one cannot secure one's business. Yet IT security teams are now being overwhelmed by literally millions of security-related messages every day. This daily deluge of security data is being generated by the numerous “point” security solutions deployed across the enterprise: firewalls, intrusion prevention and detection, access control, identity management, anti-virus, etc. These solutions all generate information in different formats, store it in different places, and forward to different locations. And it is more than anyone can handle.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2006-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Best Practices for Building a Security Operations Center\",\"authors\":\"Diana Kelley, Ron Moritz\",\"doi\":\"10.1201/1086.1065898X/45782.14.6.20060101/91856.6\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract If one cannot effectively manage the growing volume of security events flooding the enterprise, one cannot secure one's business. Yet IT security teams are now being overwhelmed by literally millions of security-related messages every day. This daily deluge of security data is being generated by the numerous “point” security solutions deployed across the enterprise: firewalls, intrusion prevention and detection, access control, identity management, anti-virus, etc. These solutions all generate information in different formats, store it in different places, and forward to different locations. And it is more than anyone can handle.\",\"PeriodicalId\":36738,\"journal\":{\"name\":\"Journal of Information Systems Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Systems Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1201/1086.1065898X/45782.14.6.20060101/91856.6\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"Social Sciences\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Systems Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1201/1086.1065898X/45782.14.6.20060101/91856.6","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Social Sciences","Score":null,"Total":0}
Best Practices for Building a Security Operations Center
Abstract If one cannot effectively manage the growing volume of security events flooding the enterprise, one cannot secure one's business. Yet IT security teams are now being overwhelmed by literally millions of security-related messages every day. This daily deluge of security data is being generated by the numerous “point” security solutions deployed across the enterprise: firewalls, intrusion prevention and detection, access control, identity management, anti-virus, etc. These solutions all generate information in different formats, store it in different places, and forward to different locations. And it is more than anyone can handle.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
