Latest news
Love them or loathe them, log files play a central role in this. Logs are the lifeblood. They tell us the Who, the What, the Where, and the When. They give is insight. They give us answers. Very occasionally they might even make us laugh when the computer jargon points out the very obvious or make a simple fault sound incredibly serious.
Because of the widespread deployment of networked servers, workstations, and other computing devices, and the ever-increasing number of threats against networks and systems, the number, volume, and variety of computer security logs has increased greatly. This has created the need for computer security log management, which is the process for generating, transmitting, storing, analysing, and disposing of computer security log data.
Log files are critical to the successful investigation and prosecution of security incidents, therefore best practices recommend logging all events. However, enforcing such a policy can often overwhelm already overworked system administrators. The last thing you want is information overload. But it is true to say that logging only subsets is a risk. There are emerging solutions that do indeed gather a log for every event that takes place on the network, and provide an easy way to retrieve specific information if and when required.
Log files generally fall into one of three categories. Security software logs primarily contain computer security-related information, while operating system logs and application logs typically contain a variety of information, including computer security-related data.
Security Software
- Anti-Virus Software
- Intrusion Detection & Protection
- Remote Access Software
- Web Proxies
- Vulnerability Management Software
- Authentication Servers
- Routers
- Firewalls
- Network Devices
Operating systems (OS) for servers, workstations, and networking devices (e.g., routers, switches) usually log a variety of information related to security. The most common types of security-related OS data are:
Spotlight
Is it time to professionalize information security?
Posted on 23 May 2013. | The issue of whether or not information security professionals should be licensed to practice has already been the topic of many a passionate debate.
Review: Logging and Log Management
Posted on 22 May 2013. | Every security practitioner should be aware of the overwhelming advantages of logging and perusing logs for discovering system intrusions. But logging and log management comes with its own set of difficulties.
Experts highlight top data breach vulnerabilities
Posted on 22 May 2013. | Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker.
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
