How many security people have had near total visibility into their critical regions of their networks?
For a decent-sized enterprise trying to show a profit, this is a difficult challenge.
Well, with a very large deployment of Snare agents, syslog streams off firewalls and authentication servers, some scripting magic, and a ton of backend AWK processing... I'm getting near total visibility.
And lemme tell ya... it is a frightening thing.
