Cyber Security Monitoring and Logging Guide

The scope of this Guide could be very large and unwieldy, so it has been refined to focus on key areas. This excludes some (but certainly not all) important cyber security topics, such as:

  • Cyber security incident response, which is covered in a separate CREST guide
  • In-depth analysis of fields in event logs, as these are well covered in the CPNI/Context report entitled Effective Cyber Security Log Management
  • Deep technical analytical tools and techniques, typically used by commercial cyber security monitoring and logging experts
  • Cyber security insurance.

The material in this Guide will provide valuable input to each of these topics, any of which could be the subject of a future research project.
