An Information Security Community
This article was originally posted on my Digital Forensics Blog.
I heard talk at the SANS DFIR Summit a couple weeks ago about "knowing normal". What does that mean? Knowing what your systems and networks are doing each day and what their stats should look like. That way, even if you don't really know how to recognize…Continue