[内容简介]
Information Security Analytics gives you insights into the practice of analytics and, more importantly, how you can utilize analytic techniques to identify trends and outliers that may not be possible to identify using traditional security analysis techniques.
Information Security Analytics dispels the myth that analytics within the information security domain is limited to just security incident and event management systems and basic network analysis. Analytic techniques can help you mine data and identify patterns and relationships in any form of security data. Using the techniques covered in this book, you will be able to gain security insights into unstructured big data of any type.
The authors of Information Security Analytics bring a wealth of analytics experience to demonstrate practical, hands-on techniques through case studies and using freely-available tools that will allow you to find anomalies and outliers by combining disparate data sets. They also teach you everything you need to know about threat simulation techniques and how to use analytics as a powerful decision-making tool to assess security control and process requirements within your organization. Ultimately, you will learn how to use these simulation techniques to help predict and profile potential risks to your organization.
- Written by security practitioners, for security practitioners
- Real-world case studies and scenarios are provided for each analytics technique
- Learn about open-source analytics and statistical packages, tools, and applications
- Step-by-step guidance on how to use analytics tools and how they map to the techniques and scenarios provided
- Learn how to design and utilize simulations for "what-if" scenarios to simulate security events and processes
- Learn how to utilize big data techniques to assist in incident response and intrusion analysis
[目录]
Chapter 1: Analytics Defined
Chapter 2: Primer on Analytics Software and Tools
Chapter 3: Analytics and Incident Response
Chapter 4: Simulations and Security Processes
Chapter 5: Access Analytics
Chapter 6: Technical Risk Profiling
Chapter 7: Security Intelligence and Next Steps