Best practises for log management

•Télécharger en tant que PPT, PDF•

9 j'aime•6,813 vues

Brian Honan

An outline of how to manage your log files to improve your security

Technologie

Introduction ,[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd

What Are Logs? ,[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd

Why are Logs Important? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd

Monitoring as Part of Security Process 20/06/11 Copyright © 2005 BH IT Consulting Ltd Develop Security Policy Secure The Network Improve Based on Feedback Test Security Monitor

Typical Network 20/06/11 Copyright © 2005 BH IT Consulting Ltd

The Challenges ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd

The Challenges ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd

20/06/11 Copyright © 2005 BH IT Consulting Ltd Too Much Information !!!

Best Practices ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd

Best Practices ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd

Important Windows Events ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd

Tools ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd

Links ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd

Questions ? 20/06/11 Copyright © 2005 BH IT Consulting Ltd

Contenu connexe

Tendances

Privileged Access Management (PAM)danb02

Security Information and Event Management (SIEM)hardik soni

Secure by Design - Security Design Principles for the Rest of UsEoin Woods

SOC presentation- Building a Security Operations CenterMichael Nickle

Vulnerabilities in modern web applicationsNiyas Nazar

Palo Alto Networks: Protection for Security & ComplianceAmazon Web Services

Software securityRoman Oliynykov

Secure code practicesHina Rawal

OWASP Secure Codingbilcorry

Elastic SIEM (Endpoint Security)Kangaroot

Secure coding practicesScott Hurrey

ELK in Security Analytics nullowaspmumbai

Secure Code Review 101Narudom Roongsiriwong, CISSP

SIEM ArchitectureNishanth Kumar Pathi

Secure Coding principles by example: Build Security In from the start - Carlo...Codemotion

Splunk OverviewSplunk

IBM Infosphere Guardium - Database Securityebuc

Threat modelling(system + enterprise)abhimanyubhogwan

Security operation center (SOC)Ahmed Ayman

OSI Layer SecurityNurkholish Halim

Tendances (20)

Privileged Access Management (PAM)

Security Information and Event Management (SIEM)

Secure by Design - Security Design Principles for the Rest of Us

SOC presentation- Building a Security Operations Center

Vulnerabilities in modern web applications

Palo Alto Networks: Protection for Security & Compliance

Software security

Secure code practices

OWASP Secure Coding

Elastic SIEM (Endpoint Security)

Secure coding practices

ELK in Security Analytics

Secure Code Review 101

SIEM Architecture

Secure Coding principles by example: Build Security In from the start - Carlo...

Splunk Overview

IBM Infosphere Guardium - Database Security

Threat modelling(system + enterprise)

Security operation center (SOC)

OSI Layer Security

Similaire à Best practises for log management

File000138Desmond Devendran

Log Analytics for Distributed MicroservicesKai Wähner

Logicalis Security ConferencePaul Dutot IEng MIET MBCS CITP OSCP CSTM

Event log analyzer by me ER Swapnil Raut

Leveraging Log Management to provide business valueEnterprise Technology Management (ETM)

Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.comMichael Gough

Cutting-Edge Network Behavior Audit Technology from BMSTBMST

Cso 4any ram rev 2.6 management summaryCSO GmbH

Oracle Management Cloud Dheeraj Hiremath

Oracle Management CloudDheeraj Hiremath

Session Auditor - Transparent Network Behavior RecorderBMST

ObserveIT Remote Access Monitoring Software - Corporate PresentationObserveIT

Six Mistakes of Log Management 2008Anton Chuvakin

How to Use OWASP Security LoggingMilton Smith

Government Webinar: Low-Cost Log, Network Configuration, and IT Monitoring So...SolarWinds

Cloud computingpptxjohnsonbcs

Security Information Event Management Security Information Event Managementkarthikvcyber

EventLog Analyzer - Product overviewManageEngine EventLog Analyzer

Securing your IT infrastructure with SOC-NOC collaboration TWPSridhar Karnam

Stay clear of the bugs: Troubleshooting Applications in Microsoft AzureHARMAN Services

Similaire à Best practises for log management (20)

File000138

Log Analytics for Distributed Microservices

Logicalis Security Conference

Event log analyzer by me

Leveraging Log Management to provide business value

Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com

Cutting-Edge Network Behavior Audit Technology from BMST

Cso 4any ram rev 2.6 management summary

Oracle Management Cloud

Session Auditor - Transparent Network Behavior Recorder

ObserveIT Remote Access Monitoring Software - Corporate Presentation

Six Mistakes of Log Management 2008

How to Use OWASP Security Logging

Government Webinar: Low-Cost Log, Network Configuration, and IT Monitoring So...

Cloud computingpptx

Security Information Event Management Security Information Event Management

EventLog Analyzer - Product overview

Securing your IT infrastructure with SOC-NOC collaboration TWP

Stay clear of the bugs: Troubleshooting Applications in Microsoft Azure

Plus de Brian Honan

Brian honan ipexpo keynoteBrian Honan

GDPR & Brexit - What Does the Future Hold?Brian Honan

Ransomware Prevention GuideBrian Honan

Brian honanBrian Honan

The dark side of the internetBrian Honan

Data security brian honanBrian Honan

Presentation on EU Directives Impacting Cyber Security for Information Securi...Brian Honan

Incident Response in the CloudBrian Honan

How to Like Social Media Network SecurityBrian Honan

Bridging the air gapBrian Honan

Proactive incident responseBrian Honan

Learning from HistoryBrian Honan

Incident response cloudBrian Honan

Preparing for Failure - Best Practise for Incident ResponseBrian Honan

Cloud securityBrian Honan

Layer 8 Security - Securing the Nut Between the Keyboard & ScreenBrian Honan

Creating a CERT at WARP SpeedBrian Honan

The Case for Mandatory Data Breach Disclosure LawsBrian Honan

Ic Sconf2010presentation Dp BhBrian Honan

Knowing Me Knowing YouBrian Honan

Plus de Brian Honan (20)

Brian honan ipexpo keynote

GDPR & Brexit - What Does the Future Hold?

Ransomware Prevention Guide

Brian honan

The dark side of the internet

Data security brian honan

Presentation on EU Directives Impacting Cyber Security for Information Securi...

Incident Response in the Cloud

How to Like Social Media Network Security

Bridging the air gap

Proactive incident response

Learning from History

Incident response cloud

Preparing for Failure - Best Practise for Incident Response

Cloud security

Layer 8 Security - Securing the Nut Between the Keyboard & Screen

Creating a CERT at WARP Speed

The Case for Mandatory Data Breach Disclosure Laws

Ic Sconf2010presentation Dp Bh

Knowing Me Knowing You

Dernier

Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK

Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi

🐬 The future of MySQL is Postgres 🐘RTylerCroy

[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j

Salesforce Community Group Quito, Salesforce 101Paola De la Torre

Slack Application Development 101 Slidespraypatel2

How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays

Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik

Developing An App To Navigate The Roads of BrazilV3cube

Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies

08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700

From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software

The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung

04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG

Dernier (20)

Unblocking The Main Thread Solving ANRs and Frozen Frames

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams

🐬 The future of MySQL is Postgres 🐘

[2024]Digital Global Overview Report 2024 Meltwater.pdf

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Salesforce Community Group Quito, Salesforce 101

Slack Application Development 101 Slides

How to Troubleshoot Apps for the Modern Connected Worker

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Injustice - Developers Among Us (SciFiDevCon 2024)

Developing An App To Navigate The Roads of Brazil

Factors to Consider When Choosing Accounts Payable Services Providers.pptx

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

The Codex of Business Writing Software for Real-World Solutions 2.pptx

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx