by adambatkin 1636 days ago
And if it is May 29 and you notice an attacker has been lurking in your network for at least 2 weeks (but you don't yet know exactly when it started or how they got in) you will be very happy that you have netflow and access logs going back 30 or 60 days or a year. And that's considered an operational requirement for anyone who cares about the safety and security of their systems and networks.
1 comments

We store certain audit logs forever--or close to it--for exactly this reason. You don't know when you'll need the data to assess possible breaches and report back to users. (Which not coincidentally is a requirement of GDPR.)

Edit: clarified "forever"