The EU Agency for Cybersecurity (ENISA) has published a new report and an accompanying repository on measures and information sources that could help security experts and operators of IT and critical infrastructure proactively detect network security incidents in the EU.
The documents evaluate methods, tools, activities and information sources for proactive detection of network security incidents.
The proactive detection process aims to discover malicious activity conducted by threat actors, either through internal monitoring tools or through external sources that share information about detected incidents.
“The current project aims to provide a complete inventory of all available methods, tools, activities and information sources for proactive detection of network security incidents, which are used already or potentially could be used by incident response teams in Europe nowadays.” reads the report. “The current report evaluates available methods, tools, activities and information sources for proactive detection of network incidents.”
The EU agency launched this project to improve the detection of network security incidents in the EU, by:
This report identifies and analyzes how proactive detection in the EU evolved between 2011 and 2019. The project's goals include exploring new areas that could help to improve operational cooperation and information sharing.
The deliverables of the project are three reports and a living repository hosted on GitHub.
“The objective is to offer a point of reference for new or well-established teams who need to identify or reassess appropriate measures for proactive detection of incidents.” continues the post published by ENISA.
Enjoy the report!
(SecurityAffairs – ENISA, cybersecurity)