Learn valuable techniques for sifting through logs to find legitimate security events you need to analyze and respond to before they negatively affect your organization’s bottom line.
John Burke is a Principal Research Analyst with Nemertes Research, where he conducts primary research, develops cost models, delivers strategic seminars, advises clients, and writes thought-leadership pieces across a wide variety of topics. John's main areas of research are cloud computing, virtualization, application delivery networking, SOA, and SaaS. His other areas of expertise are information stewardship (including information protection, information lifecycle management, business continuity planning, compliance, and data quality management) and storage technologies.
In this part:
Security teams log lots of events -- more and more of them all the time. Unfortunately, they don't make much use of these logs except in retrospect, when trying to understand something long after it happened. To improve your organization's security posture, security teams need to make better use of logs. The challenges in doing so are both organizational and technical, and it is imperative that you address both sides of the problem. Security and network teams must work together to implement robust aggregation, analysis, reporting and search.
In this presentation, we’ll review how to make the most of logs to augment an organization’s security posture.
Search is a key discipline for security log management. John Burke explains how to better search log files to improve security event log management.
Top 5 mistakes to avoid during log management implementations
In this podcast, learn about five key issues to avoid in log management implementations so you can make the most of security event logs to augment your organization’s security posture.
Quiz: Security log analysis for actionable security information
Test your knowledge of security log analysis in this five-question quiz.