Log, log and log some more

Tripwire looks to log files as the best source of security and compliance

  • 11 years ago Posted in

Many years ago a wise journalist said that the first law of journalism was to know. The second was to write about it.  It is a rule that applies far more widely, of course, not least to security in IT systems that work in the cloud.

The first law here is to know – and know as soon as possible – that operations are going awry and what is happening. Only then does it become possible to take defensive steps or remedial actions to curtail or resolve the problem.

The core source for such information is, of course, the computer log files, and these are the target that Portland, USA, based security and compliance management specialist, Tripwire, which has just introduced an advanced log intelligence and enhanced correlation analytics solution. This pulls together the latest version ,7.0, of the company’s Log Center TLC, its Vulnerability Management system, IP360, and the company’s new risk evaluation platform, VIA Agent.

The package is aimed at the increase in sophisticated, targeted attacks which, when coupled with the increase in the data volumes make it difficult for enterprises to respond quickly to security events connected with cyber attacks. The volume of log data alone makes it hard for organisations to provide the high-speed analysis and filtering of event data necessary to respond to security events.

In addition, auditors are demanding evidence of complete log collection. Advanced evidence of log information is required for compliance with a growing range of security-related legislation around the world.

 The Log Center solution securely collects, analyes and correlates log data from devices, servers, applications and automated security processes to improve security and simplify compliance. Collected data is analysed and filtered so only actionable and relevant events are sent to IT security teams or forwarded to SIEM systems.

Its key features include reliable collection of all log data with local caching and smart bookmarking to avoid data loss; secure, encrypted communications between agents and manager; a small agent footprint that is ideal for cloud and virtual machines; data compression that reduces network footprint; an intuitive GUI that simplifies the creation of complex correlation rules; and intelligent correlation of the system state and business value of assets through integration with Tripwire Enterprise and Tripwire IP360.

Talent and training partner, mthree, which supports major global tech, banking, and business...
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
GPUaaS provides customers on-demand access to powerful accelerated resources for AI, machine...
TMF Group, a leading provider of critical administrative services for global businesses, turned to...
Strengthening its cloud credentials as part of its mission to champion the broader UK tech sector...
Nearly all UK IT managers surveyed (98%) state cloud investment is an organisational priority for...
LetsGetChecked is a global healthcare solutions company that provides the tools to manage health...
Node4 to the rescue.