SANS Control 6—“Maintenance, Monitoring and Analysis of Audit Logs”

The Core Principle

The core principle is this: fish nets over fishing lines. In the case of security monitoring, fish nets are alerting on anomalies, where anomalies are defined as universal constants that have been broken. Fishing lines are manual search procedures. Phrase this principle like […]

The post Core Control #6: Log Everything appeared first on Ken Kantzer's Blog.