Security Operations Center Data Analytics

  1. Log mining is a type of log analysis that takes several forms, including the following:
    1. Sequencing: Reconstructing the order of events, or the network traffic flow, from log records so that a session or transaction can be followed end to end.
    2. Path analysis: Interpreting a chain of consecutive events that occurs within a set period of time. Path analysis is a way to understand an attacker's behavior and to turn log data into actionable insights.
    3. Log clustering: Mining large volumes of log data to build baseline profiles (per host, user or source address, for example) and to identify behavior that deviates from those profiles.
  2. Raw network packet capture analysis: Inspecting full packet captures rather than summarized log records, so that payloads and protocol details that never reach a log can be examined.
  3. Real-time rule-based alerts: Matching events against predefined rules (thresholds, signatures, correlation conditions) as they arrive, so that an alert is raised at the moment a condition is met.
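The three forms of log mining and the rule-based alerting item above, as an added example that is not part of the original page: a small Python script that runs each pass over a handful of constructed authentication log lines. The log format, the source addresses, the event names, the path pattern and every threshold are assumptions chosen for illustration; packet capture analysis is not covered here because it operates on packets rather than log records.

```python
"""Sequencing, path analysis, log clustering and a real-time rule, run over
constructed authentication log lines (the data below is made up, not a real capture)."""
from collections import defaultdict, deque
from datetime import datetime, timezone
from statistics import mean, pstdev

# Constructed sample log lines: one attacker-like source (10.0.0.5) and two benign ones.
# Lines are deliberately out of time order, as they would arrive from several hosts.
SAMPLE_LOGS = """\
2024-03-01T10:00:01Z src=10.0.0.5 user=alice event=login_fail
2024-03-01T10:05:00Z src=10.0.0.7 user=bob event=login_ok
2024-03-01T10:00:10Z src=10.0.0.5 user=alice event=login_fail
2024-03-01T10:00:20Z src=10.0.0.5 user=alice event=login_fail
2024-03-01T10:06:00Z src=10.0.0.9 user=carol event=login_ok
2024-03-01T10:00:30Z src=10.0.0.5 user=alice event=login_ok
2024-03-01T10:10:00Z src=10.0.0.9 user=carol event=sudo
2024-03-01T10:01:00Z src=10.0.0.5 user=alice event=sudo
2024-03-01T10:30:00Z src=10.0.0.7 user=bob event=logout
"""


def parse_logs(text):
    """Parse 'timestamp key=value ...' lines into dicts with a UTC datetime under 'ts'."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, *fields = line.split()
        ev = dict(f.split("=", 1) for f in fields)
        ev["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        events.append(ev)
    return events


def sequence_by_source(events):
    """Sequencing: rebuild each source's event stream in time order."""
    per_src = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        per_src[ev["src"]].append(ev)
    return dict(per_src)


def find_paths(events, pattern, window_s):
    """Path analysis: return sources whose stream contains `pattern` as an ordered
    subsequence with every matched event within `window_s` seconds of the first match."""
    hits = []
    for src, stream in sequence_by_source(events).items():
        idx, start = 0, None
        for ev in stream:
            if start is not None and (ev["ts"] - start).total_seconds() > window_s:
                idx, start = 0, None  # window expired: restart matching from this event
            if ev["event"] == pattern[idx]:
                start = start or ev["ts"]
                idx += 1
                if idx == len(pattern):
                    hits.append(src)
                    break
    return hits


def cluster_profiles(events, z_threshold=1.0):
    """Log clustering: build a per-source profile (event count, failed-login ratio) and
    flag sources that deviate from the population by more than `z_threshold` standard
    deviations on any feature. The low default suits this tiny sample; a real baseline
    uses far more sources and a higher threshold."""
    profiles = {}
    for src, stream in sequence_by_source(events).items():
        fails = sum(ev["event"] == "login_fail" for ev in stream)
        profiles[src] = {"count": len(stream), "fail_ratio": fails / len(stream)}
    anomalies = set()
    for feature in ("count", "fail_ratio"):
        values = [p[feature] for p in profiles.values()]
        mu, sigma = mean(values), pstdev(values)
        if sigma == 0:
            continue  # every source identical on this feature; nothing to flag
        for src, p in profiles.items():
            if (p[feature] - mu) / sigma > z_threshold:
                anomalies.add(src)
    return profiles, sorted(anomalies)


def rule_alerts(events, max_fails=3, window_s=60):
    """Real-time rule-based alert: walk the stream in time order and fire as soon as one
    source produces `max_fails` failed logins within `window_s` seconds."""
    recent = defaultdict(deque)  # src -> timestamps of failures still inside the window
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["event"] != "login_fail":
            continue
        q = recent[ev["src"]]
        q.append(ev["ts"])
        while (ev["ts"] - q[0]).total_seconds() > window_s:
            q.popleft()
        if len(q) >= max_fails:
            alerts.append((ev["src"], ev["ts"].isoformat(), "brute_force_auth"))
            q.clear()  # one burst yields one alert, not one per extra failure
    return alerts


if __name__ == "__main__":
    evs = parse_logs(SAMPLE_LOGS)
    print("paths:", find_paths(evs, ("login_fail", "login_ok", "sudo"), 300))
    print("anomalies:", cluster_profiles(evs)[1])
    print("alerts:", rule_alerts(evs))
```

Each pass answers a different question from the same records: sequencing restores order, path analysis finds the failed-then-successful-login-then-sudo chain that a single event would not reveal, clustering flags the source whose profile stands out without any hand-written pattern, and the rule fires at the third failure rather than after the fact.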