Security Monitoring (NSM). NSM is the collection,
analysis, and escalation of indications and warnings
to detect and respond to intrusions. NSM tools are
used more for network audit and specialized
applications than traditional alert-centric "intrusion
detection" systems.
Want to learn more about Network Security Monitoring
(NSM)? Then check out Richard Bejtlich's recently
released book, The Tao of Network Security Monitoring:
Beyond Intrusion Detection. An excerpt reads:
"Network security monitoring (NSM) equips security
staff to deal with the inevitable consequences of too
few resources and too many responsibilities. NSM collects
the data needed to generate better assessment, detection,
and response processes--resulting in decreased impact from
unauthorized activities."
WWW: http://sguil.sourceforge.net/index.phppauls@utdallas.edu
PR: ports/104227
Submitted by: Paul Schmehl <pauls at utdallas.edu>
