UpPrevious Next Sheriff CSM™ About Sheriff CSM %TWISTY{ showlink="table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=""...

UpPrevious Next Sheriff CSM™ Assets and Groups It is important for security practitioners to know what assets are connected on the company network and how the de...

UpPrevious Next Sheriff CSM™ Back Up and Restore System Configuration %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgl...

UpPrevious Next Sheriff CSM™ Correlation Contexts Sheriff CSM uses Correlation Contexts to allow overlapping networks. A Sheriff CSM Server can handle overlappin...

UpPrevious Next Sheriff CSM™ Correlation Rules A correlation rule defines a condition to match incoming events. Refer to How Does Correlation Work? for details. T...

UpPrevious Next Sheriff CSM™ Create a New Cross Correlation Rule In this example, we explain how to create a cross correlation rule to detect a MySQL authenticati...

UpPrevious Next Sheriff CSM™ Create Policy Consequences Policy Consequences are the final component to creating a policy, after Create a New Policy and Create Po...

UpPrevious Next Sheriff CSM™ Cross Correlation %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=""...

UpPrevious Next Sheriff CSM™ Cross Correlation Rules The correlation engine uses cross correlation rules to connect NIDS events and vulnerabilities discovered by...

UpPrevious Next Sheriff CSM™ Directive Information The first column on the left lists some additional information (called properties) about the directive, such a...

UpPrevious Next Sheriff CSM™ Event Collection, Processing, and Correlation Workflow All Sheriff CSM's security monitoring and management capabilities stem from i...

UpPrevious Next Sheriff CSM™ Event Correlation %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="" ...

UpPrevious Next Sheriff CSM™ Correlation Directives Sheriff CSM provides over 4,500 built in directives and adds more every week through the AT T Alien Labs™ Thr...

UpPrevious Next Sheriff CSM™ Global Properties Each correlation directive has the following global properties Global properties for correlation directives Prop...

UpPrevious Next Sheriff CSM™ How Do I Discover a Possibly Larger Attack in Progress? Most day to day security monitoring work involves detecting where security c...

UpPrevious Next Sheriff CSM™ Introduction to Sheriff CSM This guide provides information for users of the Sheriff CSM system, that are responsible for monitoring...

UpPrevious Next Sheriff CSM™ Knowledge DB Some built in correlation directives also include a link that points to a document in the Sheriff Knowledge Base (Confi...

UpPrevious Next Sheriff CSM™ Modify a Built in Cross Correlation Rule Similar to correlation directives, you can customize cross correlation rules as well. Import...

UpPrevious Next Sheriff CSM™ PCI DSS 3.2 Requirement 1: Install and Maintain a Firewall Configuration to Protect Cardholder Data Testing Procedure How Sher...

UpPrevious Next Sheriff CSM™ PCI DSS 3.2 Requirement 3: Protect Stored Cardholder Data Testing Procedure How Sheriff CSM Delivers Sheriff CSM Instructions...

UpPrevious Next Sheriff CSM™ PCI DSS 3.2 Requirement 4: Encrypt Transmission of Cardholder Data Across Open, Public Networks Testing Procedure How Sheriff C...

UpPrevious Next Sheriff CSM™ Policy Consequences You can configure different consequences when creating or modifying a policy. Policy consequences define the way...

UpPrevious Next Product Types and Categories Applies to Product: Sheriff CSM™ Sheriff Vigilante® Sheriff event taxonomy consists of product types, categor...

UpPrevious Next Sheriff CSM™ Sheriff CSM Administration and Configuration During the course of using Sheriff CSM to manage and maintain network security in your ...

UpPrevious Next Sheriff CSM™ Sheriff CSM Event Taxonomy Sheriff event taxonomy is a classification system for security events. It provides the Sheriff CSM correla...

UpPrevious Next Sheriff CSM™ Sheriff NIDS %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="" }% ...

UpPrevious Next Sheriff CSM™ The Sheriff CSM Web User Interface The Sheriff CSM web user interface (or web UI) provides access to all the tools and capabilities ...

UpPrevious Next Sheriff CSM™ User Administration in Sheriff CSM %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="...