Tag Archives: SIEM

SIEM and VOIP

What in the world are those two topics doing in the same post? Well, I’ve got a small roll-up for you. Here are two blog posts you should read. Both are short and relevant, exactly what most of us like!

The first is a post from my co-author Anton Chuvakin entitled “Log Management + SIEM = ?”, a post that lays out four scenarios where SIEM and LM can be combined as part of the technology deployment of a security strategy. This field is something that I’m enjoying watching grow, and in fact my new employer plays in the space. Log management and SIEM are both critical functions to any security environment. While mature installations may not be able to ...

The Problem with Logging

Kim Zetter from Wired Magazine put Wal-Mart back in the news recently with information about an alleged incident that occurred in the 2005-2006 timeframe. One of the key issues making the rounds is the following assertion made by Zetter:

“The company’s server logs recorded only unsuccessful log-in attempts, not successful ones, frustrating a detailed analysis.”

Logs serve multiple purposes, and for that reason they tend to grow rapidly. Sure, storage is cheap nowadays, but every company still struggles with this very basic concept. While I won’t speak specifically to the Wal-Mart incident (Evan Schuman has some great additions), I will address some of what I see with my customers and their struggles with logging.

Over-Logging

This is more typical than ...
