Introduction In a previous article[1], we discussed how logs enable to identify the weak signals of cyber attacks. By correlating the events recorded in logs, performing a behavioural analysis of specific user profiles, enhancing logs with external resources and rendering the resulting analyses, it is possible to detect the so-called “weak signals” (weak because they…
Operational security
