Security Review Program Requirements for Intrusion Management Systems

Intrusion Management Systems are being used to prevent the information systems from successful intrusions and their consequences. They try to detect the intrusions as they occur and recover the information system after successful attacks. The investigation process of the intrusion is also one of the important tasks of Intrusion Management Systems. These systems have a model consisting of avoidance, assurance, detection and recovery layers. Intrusion Management Systems are used by organizations, which are aiming to protect their assets from intrusions. After the implementation of the system, continuous reviews must also be conducted in order to ensure the effectiveness of the measures taken. Such a review can achieve its goal by using principles and standards. In this book, the principles necessary to implement a successful review program for Intrusion Management Systems have been developed in the guidance of Generally Accepted System Security Principles (GASSP).