• Search
• Free Magazines
• Newest Links
• Categories
• Register
• Login

Event Correlation in Security

Added by Papergrl

Description: A recent security spending survey by Information Security Magazine indicates that deployment rates of many security technologies will soar in the next three years. All the above devices, whether aimed at prevention or detection, generate huge volumes of audit data. Firewalls and other devices logging network connection information are especially guilty of producing vast oceans of data. Many diverse data formats and representations are used for those log files and audit trails. Also, a percentage of events generated by network IDS and IPS are false alarms and do not map to real threats. To further confuse the issue, different devices might report on the same things happening on the network, but in a different way, with no apparent way of figuring the truth of their relationship.