Continuous security monitoring approaches take security monitoring to the next level. Instead of simply focusing on the periodic review of logs for unusual activity, they conduct this analysis in real time, and can even take action in response to suspicious events. In this video, learn about continuous security monitoring activities.
- [Instructor] Continuous security monitoring approaches…take security monitoring to the next level.…Instead of simply focusing on the periodic review of logs…for unusual activity,…they conduct this analysis in real time…and can even take action in response to suspicious events.…Here's a more formal definition of continuous monitoring…from NIST.…Information security continuous monitoring…is maintaining ongoing awareness of information security,…vulnerabilities, and threats to support…organizational risk management decisions.…
As with many other information security activities,…NIST provides a framework for developing…a continuous approach to security monitoring.…They begin with three core characteristics…of a continuous monitoring program.…They should map to an organization's risk tolerance.…You need to make sure…that the continuous monitoring activities you undertake…are appropriate for your environment.…Security is an ever changing field…and businesses evolve as needs change.…Continuous security monitoring programs…
Author
Mike Chapple
Updated
5/18/2018Released
1/11/2018- Risk management actions
- Ongoing risk management
- Risk management frameworks
- Scanning for threats and vulnerabilities
- Advanced vulnerability scanning
- Monitoring log files
- Code review and code tests
- Test coverage analysis
Skill Level Intermediate
Duration
Views
Q: This course was updated on 05/18/2018. What changed?
A: New videos were added that cover identifying threats, understanding attacks, technology and process remediation, remediating vulnerabilities, and security monitoring. In addition, the following topics were updated: risk management and monitoring log files.
-
Introduction
-
Welcome1m 26s
-
-
1. Risk Management
-
Risk management4m 52s
-
Quantitative risk assessment6m 41s
-
Risk management actions4m 3s
-
Ongoing risk management2m 26s
-
Risk management frameworks3m 47s
-
-
2. Threat Modeling
-
Identifying threats2m 21s
-
Understanding attacks4m 11s
-
-
3. Threat Assessment
-
Security assessment tools5m 21s
-
Assess threats3m 14s
-
Threat assessment techniques2m 41s
-
Penetration testing2m 36s
-
Interpreting CVSS scores3m 22s
-
Analyzing scan reports3m 59s
-
-
4. Remediating Vulnerabilites
-
Report scan results4m 43s
-
Prioritize remediation3m 46s
-
-
5. Security Monitoring
-
Monitor log files6m 20s
-
Visualization and reporting3m 22s
-
Compliance monitoring2m 45s
-
-
6. Software Testing
-
Code review2m 50s
-
Code tests2m 41s
-
Fuzz testing6m 44s
-
Interface testing3m 29s
-
Misuse case testing2m 37s
-
Test coverage analysis2m 44s
-
-
Conclusion
-
What's next?43s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Continuous security monitoring