The concept of intrusion detection has been around for many years and will continue to be needed so long as malicious actors try to breach networks and steal sensitive data. New advancements in technology and “buzzwords” can sometimes make intrusion detection sound extremely complex, leaving you unsure where to start and how to implement a proper intrusion detection framework.
While the methodology behind intrusion detection is vast, the concepts stay the same. Intrusion detection is essentially a way to detect whether any unauthorized activity is occurring on your network or on any of your endpoints/systems.
We use intrusion detection to identify any unwanted activity occurring on our network or endpoints to catch a threat actor before they cause harm to our network or the business.
There are many topics to cover when dealing with intrusion detection, but in this article, we will focus on breaking down the methodology into three categories:
Types of intrusion detection systems
Intrusion detection vs. intrusion prevention
Types of free intrusion detection software

Types of intrusion detection systems
Let’s start with the types of intrusion detection. If you’ve ever searched Google for “intrusion detection,” you might have been flooded with vendors, scholarly papers and