NSM Network Security Monitoring

NSM or Network Security Monitoring.^[1] is a concept in computer security ^[2] domain wherein the alert generated by Intrusion Detection Systems IDS ^[3] appliances is captured for further analysis. IDS only alert regarding a particular alert but that data is mostly insufficient for security analysts. It is required to capture the traffic to analyse it further. IDS appliances like Snort ^[4], Suricata ^[5] work with NSM tools like Sguil^[6]^[7] This helps security analysts to work on the data further rather than looking at just plain alert. The data from the NSM can be integerated with SIEM ^[8] tools to build a solid security analysis platform.

References[edit]

This article "NSM Network Security Monitoring" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:NSM Network Security Monitoring. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.

[1] ttps://searchsecurity.techtarget.com/tip/Network-security-monitoring-Going-beyond-intrusion-detection

[2] ttps://en.wikipedia.org/wiki/Computer_security

[3] ttps://en.wikipedia.org/wiki/Intrusion_detection_system

[4] ttps://en.wikipedia.org/wiki/Snort_(software)

[5] ttps://suricata-ids.org/

[6] sguil.net/

[7] ttps://en.wikipedia.org/wiki/Sguil

[8] ttps://en.wikipedia.org/wiki/Security_information_and_event_management

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]