Hello Everybody.... I've completed my Bachelor's Degree in Networking and just started to work as Security Analyst. On the first day of work, my superiors just gave me the network log and said if I see any threats, inform them. How do I know which one is the threat? I'm still new to this job....Feel's like whatever I've learned in teory is not gonna help....
Don't expect to just do the find in the log for the keyword threat and report it. There should be some process in your company to study the log and try to understand that
The company is using Tenable Security Center. But how do I whether it's a real threat or just a false positive? We are also encouraged to use wireshark and Win32 Telnet and SSH client such as putty.
