

{"id":255241,"date":"2022-10-11T16:45:23","date_gmt":"2022-10-11T11:15:23","guid":{"rendered":"https:\/\/www.jigsawacademy.com\/?p=255241"},"modified":"2022-10-12T10:03:32","modified_gmt":"2022-10-12T04:33:32","slug":"a-guide-to-ids-and-its-tools-to-optimize-cybersecurity-in-2023","status":"publish","type":"post","link":"https:\/\/www.jigsawacademy.com\/blogs\/experts-speak\/a-guide-to-ids-and-its-tools-to-optimize-cybersecurity-in-2023\/","title":{"rendered":"A Guide To IDS And Its Tools To Optimize Cybersecurity In 2023"},"content":{"rendered":"<p><span data-contrast=\"none\">The work on IDS or Intrusion Detection System was done during the years 1984 and 1986. Dorothy Denning and Peter Neumann created the Intrusion Detection Expert System with the initial iteration of the IDS (IDES). IDS is a term used to describe a method that may recognize or detect the existence of invasive activity.\u00a0<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"none\">In a larger sense, this refers to all the procedures used to identify the unlawful computer or network usage. IDS functions similarly to a jigsaw puzzle, where from many parts of the network the data gets originated, and from various sources, they are pieced together for further analysis to form a complete image of the IDS in operation.<\/span><\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-255513 size-full\" src=\"https:\/\/www.jigsawacademy.com\/wp-content\/uploads\/2022\/10\/Jigsaw_Puzzle_1.gif\" alt=\"\" width=\"853\" height=\"480\" title=\"\"><\/p>\n<p>&nbsp;<\/p>\n<p><span data-contrast=\"auto\">The intrusion detection system works on detecting the behavioral patterns in network traffic that is generated from different locations in an organization. 
The detection methods vary based on two types:<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Signature-based Method:\u00a0<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">This method can quickly identify attacks whose signature is already present in the system. However, it can be challenging to identify newly discovered malware attacks whose pattern is unknown.\u00a0<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:1440}\">\u00a0<\/span><\/p>\n<ul>\n<li><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:1440}\">\u00a0<\/span><span data-contrast=\"auto\">Anomaly-based Method:<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Because new malware is generated quickly, this method is used to identify unknown malware threats. 
In anomaly-based IDS, Machine Learning (ML) is used to build a reliable activity model that is compared to anything arriving and is labeled suspicious if it is not found in the model.\u00a0<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:1440}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Intrusion detection system comes in different flavors such as:<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/p>\n<ol>\n<li><span data-contrast=\"auto\">Network Intrusion Detection System (NIDS): Examines all network traffic coming from all connected devices.\u00a0<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Host Intrusion Detection System (HIDS): It keeps track of a device&#8217;s incoming and outgoing packets, and it notifies the administrator if any unusual or malicious behavior is found.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Protocol-based Intrusion Detection System (PIDS): Controls and interprets the protocol used by a user or device to communicate with a server.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Application Protocol-based Intrusion Detection System (APIDS): Monitors and analyses communication on application-specific protocols to detect 
intrusions.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Hybrid Intrusion Detection System: Combines different approaches of intrusion detection system. In this, to create a holistic picture of the network system, host agent or system data is integrated with network information.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<\/ol>\n<p><span data-contrast=\"auto\">There are a few open-source and paid tools that are used to keep a check on the traffic generated on an organization\u2019s network, which encompasses the methods of IDS detection and the type of IDS detection.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/www.jigsawacademy.com\/wp-content\/uploads\/2022\/10\/IDS_Tools.webp\"><img decoding=\"async\" class=\"aligncenter wp-image-255514 size-medium\" src=\"https:\/\/www.jigsawacademy.com\/wp-content\/uploads\/2022\/10\/IDS_Tools.webp\" alt=\"\" width=\"765\" height=\"465\" title=\"\"><\/a><\/p>\n<h3><b><span data-contrast=\"auto\">Open Source<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/h3>\n<ul>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"5\" 
data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Snort<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">The oldest and most widely used IDS in the open-source community is Snort, which is run by Cisco Systems. It is a popular open-source program and can analyse real-time traffic while running on Windows, Linux, and Unix operating systems. Packet sniffer, packet logger, and intrusion detection are the three operating modes of Snort. Snort uses both signature-based and anomaly-based techniques for intrusion detection.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720,&quot;335559739&quot;:0}\">\u00a0<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720,&quot;335559739&quot;:0}\">\u00a0<\/span><b><span data-contrast=\"auto\">Cons:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720,&quot;335559739&quot;:0}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Comes with no GUI, and packet processing can be slow.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"5\" 
data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Zeek:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Zeek, formerly known as Bro, is an effective network monitoring tool with a focus on traffic analysis in general. Zeek can identify suspicious signatures and anomalies and runs on Unix, Linux, FreeBSD, and Mac OS X. It doesn&#8217;t rely on conventional signatures because it employs a domain-specific language instead. One can therefore create tasks for its policy engine.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><b><span data-contrast=\"auto\">Cons:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Some technical experience is required to become proficient.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"3\" 
data-aria-level=\"1\"><b><span data-contrast=\"auto\">OSSEC:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Open Source HIDS Security emphasizes log analysis, file integrity monitoring, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting, and active response. All popular operating systems, including Linux, OpenBSD, FreeBSD, macOS, Solaris, and Windows, are compatible with OSSEC.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><b><span data-contrast=\"auto\">Cons:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Has problems with pre-sharing keys and requires significant experience to set up and manage.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Suricata:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Suricata is a reliable network threat detection engine and one of the most popular Snort replacements. 
However, the fact that this tool collects data at the application layer distinguishes it from Snort. This IDS can also carry out inline intrusion prevention, intrusion detection, and network security monitoring in real-time.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><b><span data-contrast=\"auto\">Cons:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Prone to false positives and is complicated to install.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"5\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Security Onion:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Security Onion is a time-saving IDS that may be used for more than just intrusion detection. With an emphasis on log management, enterprise security monitoring, and intrusion detection, it is also beneficial for Linux distribution. 
This tool&#8217;s ability to integrate the strength of other security tools like Snort, Kibana, Zeek, Wazuh, CyberChef, NetworkMiner, Suricata, and Logstash is what makes it so intriguing.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><b><span data-contrast=\"auto\">Cons:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Requires high knowledge to get full benefit of the tool.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<h3><b><span data-contrast=\"auto\">Paid<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/h3>\n<ul>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"6\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Solarwinds:<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Works on Windows, can record messages sent by Windows PCs as well as Mac, Linux, and Unix systems, maintains data collected by Snort, inspects traffic data using network intrusion detection, and can acquire network data in real-time via Snort. 
For event correlation, it is set up with more than 700 rules.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;335559685&quot;:720}\">\u00a0<\/span><b><span data-contrast=\"auto\">Cons:<\/span><\/b><span data-ccp-props=\"{&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Tailoring the reports is daunting and version updates are not frequent.<\/span><span data-ccp-props=\"{&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"6\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">CrowdStrike Falcon:<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">May be installed on desktop or server platforms running Windows, Mac, or Linux. In order to administer policies, regulate reporting data, and manage and respond to risks, these platforms rely on a cloud-hosted solution. 
Excellent tool with low impact on performance.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><b><span data-contrast=\"auto\">Cons:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Device Control requires comprehensiveness.<\/span><span data-ccp-props=\"{&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"%1.\" data-font=\"Times New Roman\" data-listid=\"6\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559684&quot;:-1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,4],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">ManageEngine Event Log Analyzer:<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">An analysis tool for log files that looks for signs of intrusion. 
It gathers, examines, searches, reports on, and archives the event logs of distributed Windows devices, the syslogs of Linux\/UNIX devices, routers, switches, and other syslog devices, as well as the application logs of IIS web\/FTP servers, print servers, MS SQL, and Oracle database servers.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><b><span data-contrast=\"auto\">Cons:<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Requires installation of connector servers to send logs for correlation and analysis.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559685&quot;:720}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Final Thoughts<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Now that you have an extensive understanding of what an IDS is and some <\/span><a href=\"https:\/\/www.jigsawacademy.com\/program\/postgraduate-certificate-program-in-cybersecurity\/\"><span data-contrast=\"none\">diverse options<\/span><\/a><span data-contrast=\"auto\"> in terms of open source and paid tools, we believe you will revisit your cybersecurity tools accordingly. Let us know in the comments what other tools you know of or use in your organization.\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The work on IDS or Intrusion Detection System was done during the years 1984 and 1986. Dorothy Denning and Peter Neumann created the Intrusion Detection Expert System with the initial iteration of the IDS (IDES). 
IDS is a term used to describe a method that may recognize or detect the existence of invasive activity.\u00a0\u00a0 In [&hellip;]<\/p>\n","protected":false},"author":2771,"featured_media":255516,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1496,1262],"tags":[],"form":[1499],"acf":[],"_links":{"self":[{"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/posts\/255241"}],"collection":[{"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/users\/2771"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/comments?post=255241"}],"version-history":[{"count":2,"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/posts\/255241\/revisions"}],"predecessor-version":[{"id":255517,"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/posts\/255241\/revisions\/255517"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/media\/255516"}],"wp:attachment":[{"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/media?parent=255241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/categories?post=255241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/tags?post=255241"},{"taxonomy":"form","embeddable":true,"href":"https:\/\/www.jigsawacademy.com\/wp-json\/wp\/v2\/form?post=255241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}