Expanding the Security Toolbox: A SANS whitepaper
From a cybersecurity perspective, defending an organization can seem like a daunting, and sometimes impossible, task. As businesses embrace more technologies, threat actors waste little time discovering new tactics and techniques to infiltrate organizations.
This paper focuses on the power of combining multiple data points to achieve as much visibility as possible within an enterprise. As you read this paper, consider the following questions about your own environment:
- How much visibility do we have into the various elements of the organization?
- What data points does my security team currently utilize to detect and respond to incidents?
- Does my security team write their own detections? If so, do we utilize all the data points identified above?
- How much do we know about our exposure to risk?