
Adversary Emulation w/ Carlos Perez - PSW #789
Security Weekly Podcast Network (Audio)
How to Find Gaps in Event Logs
There is no solution out there that actually looks for when you have a gap in your logs. You need a segment of the log that you know for sure was normal as the benchmark. But logs are never constant like that. Or if you have enough data, you can create a model. Yeah, but the level of maturity that you need in that organization to be able to get the buy-in to implement that is very, very, very high.
Play episode from 01:01:03


