The focus of the SANS Top 6 Categories of Critical Log Information is log management and reporting. This dashboard parses log events utilizing Tenable’s Log Correlation Engine and Passive Vulnerability Scanner. Events are presented to the analyst across a series of customizable indicator matrices, tables and trending components for each category. Components should be customized to fit your organizational needs.
The SANS 6 categories are:
This dashboard provides a summary of encrypted communications found on the network. The dashboard is comprised of six components that represent passive encryption detection, active scan data, and log data from LCE.
This component utilizes PVS to present a graphical representation of encrypted sessions on the wire. Three categories are represented: