Living with COVID-19 means we’ve been inundated with monitoring, observation isolation and contact tracing. As controversial as these topics might be, I’ve noticed that when it comes to cybersecurity and applications, the idea of monitoring and the concept of observability have become extremely important.
Last year, CompTIA’s State of Cybersecurity 2020 report found that security monitoring was a “top-of-mind” concern, as shown below.
And this year, the State of Cybersecurity 2021 report doubled down on the importance of monitoring, showing how important analytics has become to hiring managers when it comes to cybersecurity.
Monitoring involves using tried and tested tools and best practices, such as intrusion detection, advanced logging and Security Information and Event Management (SIEM) platforms. Today, organizations are doing all they can to hire qualified cybersecurity analysts, one of the fastest-growing, security-oriented job roles today.
Observability: The Next Level?
Typical monitoring involves passive listening to host and network data using tools such as router logs, and applications like Snort, Zeek and Suricata, SIEM tools and other log and data-oriented activities. But, to get even more context and delve more deeply into how applications work, there seems to be a relatively new concept: Observability. The two practices are related, but not identical. Think of it this way: Monitoring is kind of like using Google Maps – it does a great job of giving you a general idea of the lay of the land. Observability is more detailed – kind of like Google Street View, or an augmented reality application that allows you to see exactly what is going on at a given time.
Continue reading: https://www.comptia.org/blog/monitoring-and-observability
Last year, CompTIA’s State of Cybersecurity 2020 report found that security monitoring was a “top-of-mind” concern, as shown below.
And this year, the State of Cybersecurity 2021 report doubled down on the importance of monitoring, showing how important analytics has become to hiring managers when it comes to cybersecurity.
Monitoring involves using tried and tested tools and best practices, such as intrusion detection, advanced logging and Security Information and Event Management (SIEM) platforms. Today, organizations are doing all they can to hire qualified cybersecurity analysts, one of the fastest-growing, security-oriented job roles today.
Observability: The Next Level?
Typical monitoring involves passive listening to host and network data using tools such as router logs, and applications like Snort, Zeek and Suricata, SIEM tools and other log and data-oriented activities. But, to get even more context and delve more deeply into how applications work, there seems to be a relatively new concept: Observability. The two practices are related, but not identical. Think of it this way: Monitoring is kind of like using Google Maps – it does a great job of giving you a general idea of the lay of the land. Observability is more detailed – kind of like Google Street View, or an augmented reality application that allows you to see exactly what is going on at a given time.
Continue reading: https://www.comptia.org/blog/monitoring-and-observability
