SANS White Paper
Network Visibility Requirements for Cybersecurity
A recent report from the SANS Institute identifies a trend toward leveraging packets to improve the overall cybersecurity posture of the world's largest businesses and governmental organizations.
A recent report from the SANS Institute, “Advance Your Security Posture with Comprehensive Network Visibility”, authored by Senior SANS instructor, Dave Shackleford, identifies a trend toward leveraging packets to improve the overall cybersecurity posture of the world's largest businesses and governmental organizations.
Why collect and analyze network information for security? The network itself cannot be evaded, is extremely difficult to manipulate, and is always on. This information helps security teams meet their goals to reduce the time it takes to detect, investigate, and remediate cyber and/or other IT threats, with the ultimate business goal of reducing IT risk.
Key Findings:
- Network data reveals patterns of behavior across multiple systems and provides an "environment view."
- Solutions that provide full packet data and network metadata prove much more valuable over time.
- Tools need to be robust enough to gather and store network metadata and packets.
Read the full SANS Report for in-depth analysis of these and many more findings.