Chapter 5

Access Analytics

Abstract

Since the technologies providing the convenience to remotely access our IT systems can be manipulated by the malicious actors, it is important to have a security program to quickly identify the misuse of systems. We do this by using access analytics. In this chapter, we use a programming language called Python, which is used to create programs for detection strategies, and apply it to a scenario involving virtual private network logs.

Keywords

Access analytics; Knowledge engineering; MaxMind GeoIP; Programming detection strategies; Python; Remote access technologies; Scripting; Security analytics; Virtual private network; VPN

Information in This Chapter

▪ Access Analytics (30 pages)

▪ Scenarios and Challenges in User ...

Get Information Security Analytics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Information Security Analytics by Mark Talabis, Jason Martin, Robert McPherson, Inez Miyamoto

Access Analytics

Abstract

Keywords

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly