What is Threat Monitoring?

The ongoing collection, analysis, and review of attempted and/or successful compromises at the network, platform, data  and process levels.

Process Overview

The purpose of the Threat Monitoring Process is to standardize and explain the processing activities and steps involved in monitoring threat conditions to organization information assets.

Supporting Technologies

• Network threat detection software/hardware.
• Platform threat detection software/hardware.  Limited support through platform event logging.
• Application threat detection through application event logging.
• Centralized threat report repository software/hardware.

Process Dependencies

• Help Desk/Problem Management
• Data Center Operations
• Network Operations
• Contingency Planning/Disaster Recovery