With numerous ICS solutions and approaches available, it can be difficult to determine which one is right for your organization.
This paper covers key considerations for the technologies used in comprehensive asset identification, threat detection and response, and how best to leverage those technologies for your needs.
Considerations addressed:
- Why use passive or active scanning for asset identification?
- How does deep packet inspection (DPI) provide more comprehensive asset identification and threat detection?
- How are machine learning, anomaly detection, threat behavior analytics and indicators best utilized by security analysts?
- When and how to engage in threat hunting?
- Deployment considerations