NSM Network Security Monitoring
Network Security Monitoring (NSM) [1] is a concept in the computer security [2] domain in which the alerts generated by Intrusion Detection System (IDS) [3] appliances are captured for further analysis. An IDS only raises an alert about a particular event, and that data is mostly insufficient for security analysts; the traffic must be captured so that it can be analysed further. IDS appliances such as Snort [4] and Suricata [5] work with NSM tools such as Sguil [6][7]. This lets security analysts work with the underlying data rather than looking at just a plain alert. The data from NSM can be integrated with SIEM [8] tools to build a solid security analysis platform.
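The idea of pairing each alert with the traffic records around it can be shown with a short added example (not part of the original article or of any tool named above). It assumes the sensor is Suricata writing EVE JSON, one object per line, and joins each alert to the other events on the same `flow_id`; the function name `enrich_alerts` and all sample records are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample in the style of Suricata EVE JSON (one object per line).
# Addresses use documentation ranges; the signature and hostname are made up.
_TUPLE = '"src_ip":"192.0.2.10","src_port":51514,"dest_ip":"198.51.100.7","dest_port":80,"proto":"TCP"'
SAMPLE_EVE = [
    '{"timestamp":"2024-01-01T10:00:01.000000+0000","flow_id":1001,"event_type":"http",' + _TUPLE +
    ',"http":{"hostname":"files.example.test","url":"/update.bin","http_method":"GET"}}',
    '{"timestamp":"2024-01-01T10:00:01.200000+0000","flow_id":1001,"event_type":"alert",' + _TUPLE +
    ',"alert":{"signature_id":9000001,"signature":"EXAMPLE executable download","severity":2}}',
    '{"timestamp":"2024-01-01T10:00:09.000000+0000","flow_id":1001,"event_type":"flow",' + _TUPLE +
    ',"flow":{"bytes_toserver":412,"bytes_toclient":88211}}',
    '{"timestamp":"2024-01-01T10:00:12.000000+0000","flow_id":1002,"event_type":"flow",' + _TUPLE +
    ',"flow":{"bytes_toserver":60,"bytes_toclient":0}}',
    '{"timestamp":"2024-01-01T10:00:13',  # truncated line, as when a log is read mid-write
]

def enrich_alerts(eve_lines):
    """Return one record per alert, joined to the other events seen on the same flow."""
    alerts, context = [], defaultdict(lambda: defaultdict(list))
    for line in eve_lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or truncated lines instead of aborting the batch
        if not isinstance(event, dict):
            continue
        etype = event.get("event_type")
        if etype == "alert":
            alerts.append(event)
        elif "flow_id" in event and etype in event:
            # keep the type-specific payload (http, flow, dns, ...) keyed by flow
            context[event["flow_id"]][etype].append(event[etype])
    enriched = []
    for a in alerts:
        enriched.append({
            "timestamp": a.get("timestamp"),
            "signature": a.get("alert", {}).get("signature"),
            "src": f'{a.get("src_ip")}:{a.get("src_port")}',
            "dest": f'{a.get("dest_ip")}:{a.get("dest_port")}',
            # an alert with no matching traffic records gets an empty context
            "context": dict(context.get(a.get("flow_id"), {})),
        })
    return enriched

if __name__ == "__main__":
    for record in enrich_alerts(SAMPLE_EVE):
        print(json.dumps(record, indent=2))
```

Each returned record is a flat JSON object, which is the form most SIEM ingestion pipelines accept.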
References
- [1] https://searchsecurity.techtarget.com/tip/Network-security-monitoring-Going-beyond-intrusion-detection
- [2] https://en.wikipedia.org/wiki/Computer_security
- [3] https://en.wikipedia.org/wiki/Intrusion_detection_system
- [4] https://en.wikipedia.org/wiki/Snort_(software)
- [5] https://suricata-ids.org/
- [6] sguil.net/
- [7] https://en.wikipedia.org/wiki/Sguil
- [8] https://en.wikipedia.org/wiki/Security_information_and_event_management
This article "NSM Network Security Monitoring" is from Wikipedia. The list of its authors can be seen in its history and/or on the page Edithistory:NSM Network Security Monitoring. Articles copied from the Draft Namespace on Wikipedia can be seen in the Draft Namespace of Wikipedia and not the main one.