4 min
Automation and Orchestration
Fine Tuning Your Intrusion Detection System to Minimize False Positive Alerts
Monitoring and protecting your company’s assets is one of the most important
jobs you can perform. It can be tedious sometimes, but overall it can have the
biggest impact on the business if compromised.
Having alerts set up in your SIEM [http://851y.ztrl.net/fundamentals/siem/],
IDS and FIM solutions
[http://851y.ztrl.net/solutions/file-integrity-monitoring/] can ultimately
keep you on track. Eliminating false positive results can be a whole different
story. Being able to pick out false pos
5 min
Intrusion Detection
The Pros & Cons of Intrusion Detection Systems
Network Intrusion Detection System (NIDS)
A network intrusion detection system (NIDS) can be an integral part of an
organization’s security, but it is just one aspect of many in a cohesive and
safe system. It has many great applications, but there are also weaknesses
that need to be considered. It is important to compare an NIDS against the
alternatives, as well as to understand the best ways to implement it.
What Is an Intrusion Detection System?
Intrusion detection systems
[http://ww
1 min
Automation and Orchestration
What are Networking Intrusion Prevention/Detection Systems?
NID(P)S, or Networking Intrusion (Prevention)/Detection Systems
[http://851y.ztrl.net/fundamentals/intrusion-detection-and-prevention-systems-idps/]
are used by a security team for general network security
[http://851y.ztrl.net/fundamentals/what-is-network-security/] monitoring. They
work by passively monitoring (or actively gating, in the NIPS case) network
traffic and applying rules or signatures to trigger alerts.
Advantages
* Easy to deploy: Unlike endpoint devices, they can be placed