Network Monitoring SIG (Inactive at this time)


Mission Statement

To advocate, develop and promote knowledge and techniques for collection and analysis of network sensor and monitoring data to build the capabilities of CSIRTs to quantify and measure malicious activity on networks to create more secure systems.


Why this SIG?

  • Network monitoring is an important source of information to help CSIRTs quantify malicious activity on networks;
  • To help CSIRTs best use their limited resources by making use of the tools and techniques developed by other CSIRTs;
  • To promote collaboration in the development of new tools, techniques and analysis methodologies.

Goals

  • Provide an platform for FIRST members to actively exchange monitoring technologies, software and knowledge;
  • Promote situational awareness and support research into more secure systems and networks;
  • Join forces in current global (software)developments in the field of network monitoring to reduce cost and improve performance;
  • Gradually work towards a common set of standards/formats and, in the long term, to a common repository of monitoring-tools.

Scope / Limitations

  • Participation to the NM-SIG is op en to FIRST members. Albeit that non-members can be introduced by FIRST members to join the NM-SIG;
  • The SIG is focused primarily and solely on technical issues, rather than policy or legal issues;
  • The SIGs focus is on monitoring technologies in the broadest sense of the word (hence theres no limiting definition as to what monitoring is all about and what not);
  • The SIG has no ambition to set global standards for monitoring data exchange, but supports the development of an operational framework;
  • The SIG has no intention to become an auditing or certification authority regarding monitoring systems or technologies whatsoever.

Network Monitoring Survey

The NM-SIG has set up a questionnaire to provide an overview of what monitoring initiatives are present within the NM-SIG. The results are available to the FIRST and NM-SIG community.

If you are a Member of FIRST community, please contribute by filling up the survey. Don't forget to also take a look at what other teams are doing by accessing the survey results (options reserved for FIRST Members, at Members-only view of the website).

Organization

Chair

David J. Bianco, GE-CIRT

Mailing list: nm-sig@first.org

(NM SIG)