Building Correlation Rules for Behavioral Analysis
Tripwire Log Center provides you with built-in security content in the form of correlation rules. These out-of-the-box rules can help you identify the high-priority items in a sea of log data. In this video, you will learn how to:
- Use the highly visual drag-n-drop rule builder to easily create and modify correlation content
- Create behavioral rules leveraging various criteria to detect the most common types of attacks
- Customize the existing pre-built rules for your IT environment to provide tuned incident detection
- Create alerts to ensure the right people know about issues before they become problems, and disable accounts, all from a simple interface
- Reduce the breach-to-detection gap and act faster in the event of a compromise of your security system