Modifications to configurations based on threat indicators

Printer Friendly Page

Configuration Improvement - Modifications to configurations based on threat indicators

 

It is important to continuously monitor for Indicators of Compromise. As firewall configurations are modified based on changing developments in the customer network, the firewall configuration and the traffic flowing through the firewall needs be constantly watched for threats, misconfiguration, mistakes, and other issues affecting the firewall configuration. Time constraints require that this monitoring and maintenance process not be excessively time consuming.

 

This activity covers the processes, manual and automated, used to do this monitoring, maintenance, and necessary reconfiguration based on the observations. It also covers how to verify that an Indicator of Compromise or a group of them conclusively indicate an issue that needs to be remedied.

Ask Questions Get Answers Join the Live Community
Version history
Revision #:
2 of 2
Last update:
‎07-02-2020 11:58 AM
Updated by:
 
Labels
Contributors