[INE] Actionable Information from Aggregated Log Data
A centralized logging system is only one part of a complete logging infrastructure. In order to properly protect an IT infrastructure from malicious actors, useful information needs to be extracted from that log data. Throughout this course, we will examine various logging formats and sources, and how proper aggregation and correlation strategies can help pull that actionable intelligence that is required for proper countermeasure construction. In addition, we’ll look at various tools that can be used throughout the process and the importance of continuous monitoring of not only logs and alerts, but also countermeasure effectiveness.
Instructor: Brian Olliff
Duration: 15 Lessons ( 3h 42m )
Size: 3.21 GB