Network security management is about more than just your Windows machines. You probably already know that. But did you know that when it comes to combating security breaches, you need to trace network intrusions at the peripheral device level? This includes firewalls, routers, switches, and IDS/IPS—the whole crew.
And when it comes to servers, Linux/Unix servers are being increasingly used with the growth of cloud computing. According to Gartner’s analysis of server operating systems’ market share worldwide, the usage of Windows OS in enterprise environments is declining while Linux is steadily increasing. In fact, the market share of Linux grew by 10.4 percent in 2015.*
Both perip…
READ MORE
Protective, GPG13-Compliant Monitoring Using EventLog Analyzer
The journey to a thousand IT problems begins with a single compliance lapse. Yes, this is the first time you are hearing it! So, tell us how often you’ve walked straight into trouble because you underestimated the importance of compliance? A joke about compliance violations refers to them as rust spots that cannot be removed with all the steel wool from the neighborhood. It sounds quite true, though a tad exaggerated.
As an admin dealing with log management, you’d be navigating a labyrinth trying to make sense of the data deluge. Let us look at some of the usual and frequent types of issues that log management tackles.
- An account manager might want to track down some missing files.
- An employee
READ MORE
Solving a Cyber Crime Case Like Sherlock Holmes
IT security managers lay a lot of emphasis on conducting log forensics investigations. According to the SANS 2013 Digital Forensics Survey, 57% of the respondents said that they conduct forensic investigations to “find and investigate incidents as they are occurring” and 75% of the respondents said they conduct forensic investigations to “find and investigate incidents after the fact”. Detecting the activity of hackers is never easy. Enterprises may have the best of network security solutions to detect network anomalies and threats, but critical resources still continue to get compromised.
All IT security managers have to put themselves in the shoes of Mr. Sherlock Holmes to solve cyber cri…
READ MORE
8 Log Management Habits of Highly Effective IT Security Managers
In today’s business environment, data is the source that drives organizations in the proper direction. Data enables planning, forecasting, and strategy. For example, retailers rely on customer behavior data to drive more sales, and CEO’s rely of past performance data to make effective decisions. Similarly, IT security professionals rely on log data generated by their IT network infrastructure to secure their networks from threats, attacks, and breaches. The IT infrastructure of any organization includes network devices (routers, switches, firewalls, etc.), systems (Windows, Linux, etc.), and business-critical applications that generate a huge amount of log data.
This log data is a gold mi…
READ MORE
Combat Advanced Cyber Attacks With Shared Security Intelligence
(Originally published in Cyber Defense Magazine, Black Hat special edition)
In this information age, even the mightiest of enterprises and governments across the globe are worried about cyber-attacks. Not a single day passes by without a story about a hack or a compromise or an identity theft involving data related to a large number of users. Cyber security is increasingly becoming complex, and cyber-attacks have truly emerged a global crisis.
An analysis of some of the recent high profile breaches reveals that the threat landscape is rapidly evolving into a more dangerous ground with highly targeted attacks and advanced persistent threats (APTs) leading the way.
Traditionall…
READ MORE
IT Security and Auditing Framework – A Glass Half Full or Half Empty?
Log Management, Compliance Reporting and SIEM
Corporate islands with no connectivity to the external world and/or employees seeking permission to share company critical information with an outsider are not options that ensure protection from information thefts. Not a day goes by without a security breach or espionage attempt in the media. It doesn’t matter whether it’s an internal or external hack caused by a deliberate or inadvertent action. The IT guy is made accountable for the security gaps and is asked to revisit the policies to ensure that such incidents don’t recur.
We can all say thanks to the built-in logging mechanism in devices, systems and applications, which help track e…
READ MORE
ManageEngine’s EventLog Analyzer Advances the Cloud with ActiveState Stackato
The cloud, once known as the future of IT, is now part of modern IT infrastructure. With the growing acceptance of BYOD and employees soliciting critical business-service access on the move, the cloud is ideally suited to balancing these current market trends. It helps IT organizations be cost effective and deliver better IT services.
If you’re currently evaluating or have already implemented a cloud infrastructure in your business, you know it can be a tricky project with a lot of unanswered questions. This is especially true if statutory compliance acts such as PCI DSS, FISMA, HIPAA, and/or SOX govern your company. You need to consider a sound information security plan to detect abnormal access to…
READ MORE
ManageEngine EventLog Analyzer Secures Gold Award
EventLog Analyzer grabs windowssecurity.com gold award
We are excited to announce that ManageEngine EventLog Analyzer recently took home the Gold Award from WindowsSecurity.com. Deb Shinder, MVP (Enterprise Security) reviewed the product before bestowing this award.
We want to thank WindowsSecurity.com for giving us an opportunity to have our product thoroughly reviewed by Shinder, a seasoned security professional. Thank you Deb for setting aside some time to evaluate EventLog Analyzer.
“The vendor (ManageEngine) actually cares about what the IT pros using their solution want and need” Shinder said “This solution manages to be extremely full featured without being complicate…
READ MORE
PCI DSS 3.0: Shifting focus on daily review of ‘security-relevant’ logs to identify suspicious activities [Part-3]
Ever since the release of the PCI DSS version 3.0 change highlights by the PCI Security Standards Council (PCI SSC), stakeholders of payment card industry and security analysts have been busy interpreting the proposed regulations. While many of the sections explained in the change highlights document require clarity, one thing was crystal clear – v3.0 expects the stakeholders to focus their log-review efforts on ‘identifying suspicious activity’ and not merely collecting them religiously and performing a generic review.
Even in PCI 2.0, Requirement 10 is all about activity logs – collection, transmission, storage and daily review of logs from the devices and syste…
READ MORE
5 Top Targets for Today’s Hackers
Black Hat USA bills itself as “the show that sets the benchmark for all other security conferences.” While most conferences tend to over-promote themselves, given the activity at this year’s show, that actually might be something of an understatement.
From the defense of government surveillance delivered by NSA Director General Keith Alexander to briefings on the coming “cryptopocalypse” and the risks associated with embedded devices and the Internet of Things, Black Hat reminds us that a little bit of paranoia is warranted in today’s connected world.
Here are my leading candidates for surprising, damaging ways criminal hackers are breaching our online security and validat…
Currently browsing EventLogAnalyzer.