Security Logging in an Enterprise

by George Chetcuti [Published on 7 May 2013 / Last Updated on 7 May 2013]

Diverging logging requirements, along with resource contention, make it worthwhile to consider a separate high-integrity data store for the sole use of Computer Incident Response Teams.

Gavin Reid, the Director of Threat Research for Security Intelligence Operations at Cisco, explains how Cisco deals with the diverging logging requirements of IT and security teams. According to Gavin, logging is probably both one of the most useful and one of the least used of all security forensic capabilities. In large enterprises, many security teams rely on their IT counterparts to do the logging and then turn to the IT logging infrastructure when they need log information.

Read the full article here - http://blogs.cisco.com/security/security-logging-in-an-enterprise-part-1-of-2/
