[Owasp-appsensor-project] NIST SP 800-137 Initial Public Draft "IS Continuous Monitoring..."

Christian Heinrich christian.heinrich at owasp.org
Tue Mar 15 20:26:01 EDT 2011


On Tue, Mar 15, 2011 at 5:30 AM, Colin Watson <colin.watson at owasp.org> wrote:
> a)  Page 10 refers to "real-time or near realtime security-related
> information", but elsewhere (e.g. pages 1, 2, 6, 7, 13, 14, 29, etc)
> the phrase "near real-time" is used instead.  The guidance should
> explicitly include actual realtime monitoring at each reference to
> "near real-time", so that it is not excluded from the guidance.

"near real-time" is the correct term as the technology has to
establish context which could occur after the event and also an issue
might have been identified below the Application Layer.

FYI - I presented an NIDS/NIPS evasion API at RUXCON in 2005 and also
led the Snort User Group for Australia and New Zealand.

Christian Heinrich
