Protective, GPG13-Compliant Monitoring Using EventLog Analyzer


The journey to a thousand IT problems begins with a single compliance lapse. Yes, this is the first time you are hearing it! So, tell us how often you’ve walked straight into trouble because you underestimated the importance of compliance? A joke about compliance violations refers to them as rust spots that cannot be removed with all the steel wool from the neighborhood. It sounds quite true, though a tad exaggerated. As an admin dealing with log management, you’d be navigating a labyrinth trying to make sense of the data deluge. Let us look at some of the usual and frequent types of issues that log management tackles.
  • An account manager might want to track down some missing files.
  • An employee

Solving a Cyber Crime Case Like Sherlock Holmes

IT security managers lay a lot of emphasis on conducting log forensics investigations. According to the SANS 2013 Digital Forensics Survey, 57% of the respondents said that they conduct forensic investigations to “find and investigate incidents as they are occurring” and 75% of the respondents said they conduct forensic investigations to “find and investigate incidents after the fact”. Detecting the activity of hackers is never easy. Enterprises may have the best of network security solutions to detect network anomalies and threats, but critical resources still continue to get compromised. All IT security managers have to put themselves in the shoes of Mr. Sherlock Holmes to solve cyber cri…

8 Log Management Habits of Highly Effective IT Security Managers

In today’s business environment, data is the source that drives organizations in the proper direction. Data enables planning, forecasting, and strategy. For example, retailers rely on customer behavior data to drive more sales, and CEOs rely on past performance data to make effective decisions. Similarly, IT security professionals rely on log data generated by their IT network infrastructure to secure their networks from threats, attacks, and breaches. The IT infrastructure of any organization includes network devices (routers, switches, firewalls, etc.), systems (Windows, Linux, etc.), and business-critical applications that generate a huge amount of log data. This log data is a gold mi…

Combat Advanced Cyber Attacks With Shared Security Intelligence

(Originally published in Cyber Defense Magazine, Black Hat special edition) In this information age, even the mightiest of enterprises and governments across the globe are worried about cyber-attacks. Not a single day passes by without a story about a hack, a compromise, or an identity theft involving data related to a large number of users. Cyber security is becoming increasingly complex, and cyber-attacks have truly emerged as a global crisis. An analysis of some of the recent high-profile breaches reveals that the threat landscape is rapidly evolving into a more dangerous ground, with highly targeted attacks and advanced persistent threats (APTs) leading the way. Traditionall…

IT Security and Auditing Framework – A Glass Half Full or Half Empty?

Log Management, Compliance Reporting and SIEM

Corporate islands with no connectivity to the external world and/or employees seeking permission to share company-critical information with an outsider are not options that ensure protection from information thefts. Not a day goes by without a security breach or espionage attempt in the media. It doesn’t matter whether it’s an internal or external hack caused by a deliberate or inadvertent action. The IT guy is made accountable for the security gaps and is asked to revisit the policies to ensure that such incidents don’t recur. We can all say thanks to the built-in logging mechanism in devices, systems and applications, which help track e…

ManageEngine’s EventLog Analyzer Advances the Cloud with ActiveState Stackato

The cloud, once known as the future of IT, is now part of modern IT infrastructure. With the growing acceptance of BYOD and employees soliciting critical business-service access on the move, the cloud is ideally suited to balancing these current market trends. It helps IT organizations be cost effective and deliver better IT services. If you’re currently evaluating or have already implemented a cloud infrastructure in your business, you know it can be a tricky project with a lot of unanswered questions. This is especially true if statutory compliance acts such as PCI DSS, FISMA, HIPAA, and/or SOX govern your company. You need to consider a sound information security plan to detect abnormal access to…

ManageEngine EventLog Analyzer Secures Gold Award

We are excited to announce that ManageEngine EventLog Analyzer recently took home the Gold Award from Deb Shinder, MVP (Enterprise Security) reviewed the product before bestowing this award. We want to thank for giving us an opportunity to have our product thoroughly reviewed by Shinder, a seasoned security professional. Thank you Deb for setting aside some time to evaluate EventLog Analyzer. “The vendor (ManageEngine) actually cares about what the IT pros using their solution want and need,” Shinder said. “This solution manages to be extremely full featured without being complicate…

PCI DSS 3.0: Shifting focus on daily review of ‘security-relevant’ logs to identify suspicious activities [Part-3]

Ever since the release of the PCI DSS version 3.0 change highlights by the PCI Security Standards Council (PCI SSC), stakeholders of the payment card industry and security analysts have been busy interpreting the proposed regulations. While many of the sections explained in the change highlights document require clarity, one thing was crystal clear – v3.0 expects stakeholders to focus their log-review efforts on ‘identifying suspicious activity’ and not merely on collecting logs religiously and performing a generic review. Even in PCI 2.0, Requirement 10 is all about activity logs – collection, transmission, storage and daily review of logs from the devices and syste…

5 Top Targets for Today’s Hackers

Black Hat USA bills itself as “the show that sets the benchmark for all other security conferences.” While most conferences tend to over-promote themselves, given the activity at this year’s show, that actually might be something of an understatement. From the defense of government surveillance delivered by NSA Director General Keith Alexander to briefings on the coming “cryptopocalypse” and the risks associated with embedded devices and the Internet of Things, Black Hat reminds us that a little bit of paranoia is warranted in today’s connected world. Here are my leading candidates for surprising, damaging ways criminal hackers are breaching our online security and validat…

Spate of shocking cyber attacks on universities jolts academia

It is hauntingly clear – cyber criminals have set their eyes firmly on universities, research institutions, and centers of higher learning in the United States and other parts of the world. If the cyber attacks of the past few weeks are any indication, universities are now facing the biggest threat to information security.

Attack landscape
  • On July 17, 2013, personal information of more than 72,000 staff members (past and present) of the University of Delaware in Newark was compromised. Hackers obtained the information (names, addresses, social security numbers, etc.) by exploiting a vulnerability in third-party software that the university used.
  • On July 18, 2013, during a routine security sca