ABSTRACT

The nature of security in the IT sector is constantly evolving. In the last three to six years we have seen explosive growth in the development of tools for the security trade. These tools were intended to improve our ability to protect our network infrastructures, i.e., to better ensure their overall integrity and security, and in turn, hopefully, to make our lives as IT security professionals easier. In many instances this has been the case. However, it often appears that with each new tool we implement, we receive not only the new and valuable information we expected but also a plethora of additional information. This surplus information poses a serious challenge for those of us on the security team. Not only must we evaluate it, but we must also determine, from a security standpoint, whether to process it (and how) or simply to understand it and make intelligent decisions based on it with respect to the security of the network infrastructures involved.