Repeat after me, I will be breached. Most organizations realize thisfact too late, usually after a third party informs them months afterthe initial compromise. Treating security monitoring as a quarterlyauditing process means most compromises will go undetected for weeksor months. The attacks are continuous, and the monitoring must match.
This talk will help you face this problem and describe how to moveyour organization to a more defensible security architecture thatenables continuous security monitoring. The talk will also give you ahint at the value you and your organization will gain from attendingSeth Misenar and Eric Conrad's new course: SANS SEC511: ContinuousMonitoring and Security Operations.