EP8: Optimizing Events and Policies in Tenable OT Security - Part 3 скачать в хорошем качестве

EP8: Optimizing Events and Policies in Tenable OT Security - Part 3

In this episode, we dive deep into optimizing policies and events in our cybersecurity environment. This is part three of this section, focusing on wrapping up our communication to external networks and addressing commonly exploited protocols. We start by reviewing our current policies and ensuring all necessary controls are activated. We discuss the importance of filtering out unnecessary traffic and focus on resolving policies generating excessive hits. Through a step-by-step demonstration, we identify and resolve events originating from our Tenable OT devices, ensuring they are properly categorized and excluded from certain policies. Next, we address policies related to commonly exploited protocols. We modify these policies to focus on monitoring internal assets and exclude trusted devices from unnecessary scrutiny. By leveraging existing asset groups and exclusion rules, we efficiently manage and clean up our policy events. Finally, we tackle network threats, specifically focusing on scans targeting our network. We demonstrate how to handle individual policies tied to our intrusion detection system, utilizing exclusion rules to filter out benign activities from trusted sources. Join us as we navigate through these crucial cybersecurity strategies, optimizing our defenses against external threats while ensuring the smooth operation of our network infrastructure. Don't miss out on this insightful episode as we continue to strengthen our cybersecurity posture!