Security analysis with Security Onion
Collector
Conclusions
Security Onion gives you a comprehensive environment for monitoring and analyzing your IT infrastructure without too much overhead. For small IT departments, in particular, this can be a good introduction to professional IT security. That said, Security Onion only gives you the framework for monitoring and analysis and is not a standalone solution. Assessing the criticality of incidents and alerts, fine-tuning the monitoring tools, and case-by-case searches for IoCs are all tasks that a member of the workforce will need to handle. For a useful deployment, you need sufficient human resources to actually operate the tools that Security Onion provides.