
	Home > Ask the Security Experts > Identity Management and Access Control Questions & Answers > Are there efforts to develop a common logging and audit standard?

Ask The Security Expert: Questions & Answers

EMAIL THIS

Are there efforts to develop a common logging and audit standard?

EXPERT RESPONSE FROM: Joel Dubin, past SearchSecurity.com expert

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 03 June 2008
What's the latest on efforts to develop a common logging and audit standard? Since many believe a standard will eventually emerge, is there anything my organization should do today to prepare and perhaps make a transition easier down the road?

The main initiative in this area is Common Event Expression (CEE), which is meant to be a standard log language for reporting events across different systems. The rationale for a common logging language is common sense. With a common way to report events, malicious activity can not only be tracked across different systems and platforms, it can also be tracked universally in a common repository for security investigators.

Before CEE, log reporting was platform specific, making it difficult, if not impossible, to correlate similar events across systems. CEE, which was spearheaded by MITRE in 2007 through an industry working group, is a common taxonomy, syntax and language for reporting log events. MITRE is an organization that works with the U.S. government on technology issues, including IT security.

The benefits of consistent event and log reporting are enormous. It defines an event unambiguously according to an agreed upon standard, no matter the platform where it occurred, and tightens compliance by providing a standard definition for events for auditors and regulators. It can also cut costs of log management by reducing redundancy in logging from multiple systems.

The status of CEE is that MITRE has an active working group with a mailing list for those interested in participating. For more information about the working group, including how to subscribe to the mailing list, check the MITRE website.

Another good guide on security log management is Special Publication 800-92 from the National Institute of Standards and Technology (NIST).

More information:

Is centralized logging worth all the effort? Learn more.
Read more about preparing for a network security audit.

BROWSE BY TAG

Identity Management and Access Control, Security Audit, Compliance and Standards, IT Security Audits, Security Industry Market Trends, Predictions and Forecasts, Information Security Management, Expert Archive: Identity Management and Access Control, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Identity Management and Access Control
	How to find and remove keyloggers and prevent spyware installation
	How to encrypt passwords using network security certificates
	Prevent meet-in-the-middle attacks with TDES encryption
	How to use single sign-on (SSO) for a server configuration
	Choosing management for Active Directory user provisioning
	LDAP signing requirements for various directory configurations
	User account best practices for an investment management website
	How to determine password strength for a website
	The pros and cons of implementing smart cards
	Keep files from being deleted by assigning read and execute permission

IT Security Audits

Compliance strategy: How to become an internal IT auditor

A guide to internal and external network security auditing

Standards compliance does not equal sound information security risk management

Tony Spinelli: Prioritize Information Security over Compliance

How to prepare for a FERPA audit

MasterCard increases PCI compliance requirements for some merchants

How to select a set of network security audit guidelines

How to write a risk methodology that blends business, security needs

PCI compliance requirement 11: Testing

Using IAM tools to improve compliance

Security Industry Market Trends, Predictions and Forecasts

SCADA system, critical infrastructure security lacking, survey finds

Security architects fear savvy botnet attacks, IPv6 security issues

Security compliance predictions for 2010: New regulations, new technology

IAM trends: Rebuilding security with provisioning technologies

Gartner acquires Burton Group, bolsters presence

Securosis adds Security Incite, Rothman to its roster

Five security industry themes to watch in 2010

How to advance in your infosec career in the current economic storm

Top cybersecurity stories of 2009

Security industry praises Schmidt but sees challenges ahead

Security Industry Market Trends, Predictions and Forecasts Research

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

backscatter body scanning (SearchSecurity.com)

marketecture (SearchSecurity.com)

NCSA (SearchSecurity.com)

Palladium (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2010, TechTarget \| Read our Privacy Policy