Data Security

The power of time in cybersecurity investigations

August 11, 2021
Today’s columnist, Brian Dye of Corelight, says security teams need to treat historical data as a first-class citizen in the SOC. (Photo: https://www.flickr.com/photos/[email protected]; license: https://creativecommons.org/licenses/by-nc-sa/2.0/legalcode)
  • Compact: Companies can’t keep quarters (or years) of data if they need petabytes of storage.
  • Richly detailed: The depth and insight that analysts need to drive effective investigations.
  • Judgment free: We need ground truth, not just a historical stockpile of alerts, as we will be looking for what we didn’t know about at the time.