There are many network monitoring tools out there - some free, most paid. What software do you think is best for a large enterprise? Why?
Hi SOC analysts and other infosec professionals,
Which standard or custom method do you use to decide on alert severity in your SOC?
Is it possible to avoid being too subjective? How do you fight "alert fatigue"?
Why should businesses actively monitor network traffic?
What benefits are there to network monitoring?
Any suggestions for where to start with setting up effective network monitoring?