Avoiding Silent Automation
See how you can work with Python's flexible logging system to create an overall monitoring system that includes the messages from your network devices, your infrastructure applications, and your automation scripts.
Mid Season Check-in with NetDevOps Live!
NetDevOps Live! episodes in April were fantastic, looking at Ansible, GitLab, Batfish and HashiCorp. Get ready for May's amazing line-up, with shows on Postman, NetBox, and ELK!
The Power of Logging in Incident Response
A deep dive into logging as an often-overlooked but powerful tool for incident detection and response “Lack of instrumentation or insufficient logging” is often a phrase used on incident response...
Using a “Playbook” Model to Organize Your Information Security Monitoring Strategy
CSIRT, I have a project for you. We have a big network and we’re definitely getting hacked constantly. Your group needs to develop and implement security monitoring to get our malware and hacking problem under control. If you’ve been a security engineer for more than a few years, no doubt you’ve received a directive […]
To SIEM or Not to SIEM? Part I
Security information and event management systems (SIEM, or sometimes SEIM) are intended to be the glue between an organization's various security tools. Security and other event log sources export their...
Getting a Handle on Your Data
When your incident response team gets access to a new log data source, chances are that the events may not only contain an entirely different type of data, but may also be formatted differently than any log data source you already have. Having a data collection and organization standard will ease management and analysis of […]