CSA MC provides a set of rules that can be applied to both Windows and UNIX hosts. Rules respond to system and kernel requests based on their operating system architecture. System correlation rules can be used to categorize processes and correlate events across multiple hosts.
CSA MC provides a set of rules that can be applied to both Windows and UNIX hosts. Rules respond to system and kernel requests based on their operating system architecture. System correlation rules can be used to categorize processes and correlate events across multiple hosts.
Direitos autorais:
Attribution Non-Commercial (BY-NC)
Formatos disponíveis
Baixe no formato PPS, PDF, TXT ou leia online no Scribd
CSA MC provides a set of rules that can be applied to both Windows and UNIX hosts. Rules respond to system and kernel requests based on their operating system architecture. System correlation rules can be used to categorize processes and correlate events across multiple hosts.
Direitos autorais:
Attribution Non-Commercial (BY-NC)
Formatos disponíveis
Baixe no formato PPS, PDF, TXT ou leia online no Scribd
• CSA MC includes rules for file management, network access,
registry control, and application management. • Rules can be broadly categorized into enforcement rules and detection rules. • Rules respond to system and kernel requests based on their operating system architecture. • CSA MC provides a set of rules that can be applied to both Windows and UNIX hosts. • CSA MC also provides distinct set of rules to protect Windows-specific and UNIX-specific components. • The system correlation rules in CSA MC can be used to categorize processes and correlate events across multiple hosts.