What is Threat Monitoring?
The ongoing collection, analysis, and review of attempted and/or successful compromises at the network, platform, data and process levels.
The purpose of the Threat Monitoring Process is to standardize and explain the processing activities and steps involved in monitoring threat conditions to organization information assets.
- Network threat detection software/hardware.
- Platform threat detection software/hardware. Limited support through platform event logging.
- Application threat detection through application event logging.
- Centralized threat report repository software/hardware.
- Help Desk/Problem Management
- Data Center Operations
- Network Operations
- Contingency Planning/Disaster Recovery