Using a Collection Management Framework for ICS Security Operations and Incident Response
A collection management framework (CMF) is an essential way to extend the value of an asset inventory to make it more useful for use-cases in security operations and incident response. A CMF helps analysts understand not only what they have, but what data is available from their assets, how long they store it, and what they can do with that data. Pre-made investigation playbooks pared with an understanding of the threat and what your collection is a core way to have a repeatable and scalable approach to monitoring your industrial networks for threats and responding to them efficiently.
This webinar outlines how to build a CMF and shows examples of how to use it. Examples educate attendees on incident response, threat hunting, and security operations use-cases in the industrial control system (ICS).
View the next on-demand webinar
Ready to put your insights into action?
Take the next steps and contact our team today.