Differences
This shows you the differences between two versions of the page.
security_wiki:main [2016/03/09 22:12] billdozor |
security_wiki:main [2019/05/25 23:50] (current) |
||
---|---|---|---|
Line 9: | Line 9: | ||
===== IDS/IPS ===== | ===== IDS/IPS ===== | ||
- | * Qradar | + | * Cisco SourceFire |
- | * ArcSite | + | |
* Snort IDS | * Snort IDS | ||
* CheckPoint | * CheckPoint | ||
* BroNSM | * BroNSM | ||
+ | * TrendMicro Tipping Point | ||
---- | ---- | ||
===== The Rules of Network Security ===== | ===== The Rules of Network Security ===== | ||
- | | + | |
* Never admit | * Never admit | ||
* Deny everything | * Deny everything | ||
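Review bot: The two entries added to the IDS/IPS list, `Cisco SourceFire` and `TrendMicro Tipping Point`, do not match the vendors' own spellings (Sourcefire; Trend Micro TippingPoint), which makes the page harder to search. Suggest correcting both. Dropping Qradar and ArcSite from this list is reasonable, since both are SIEM products rather than IDS/IPS.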
Line 24: | Line 24: | ||
* Make counter-allegations | * Make counter-allegations | ||
* Act belligerent and throw stuff | * Act belligerent and throw stuff | ||
- | | + | |
- | | + | |
- | * **Alternate: | + | |
- | | + | |
- | | + | |
- | | + | |
* Is it in the wiki? | * Is it in the wiki? | ||
* Paper trail or it didn't happen, CC everyone or you didn't do it. | * Paper trail or it didn't happen, CC everyone or you didn't do it. | ||
* If it isn't in an email, or ticket, it never happened. | * If it isn't in an email, or ticket, it never happened. | ||
- | | + | |
---- | ---- | ||
Line 51: | Line 51: | ||
---- | ---- | ||
+ | ==== SIEMs ==== | ||
+ | * [[ HPE ArcSight ]] | ||
+ | * [[ LogRhythm ]] | ||
+ | * IBM QRadar | ||
+ | * McAfee Nitro | ||
+ | |||
+ | ---- |