SlideShare a Scribd company logo

Best practises for log management

Download as PPT, PDF
Brian Honan
Brian Honan

This document discusses best practices for log monitoring. It recommends developing a logging policy to determine what information to collect, centralizing log collection on a dedicated secure server, normalizing log formats, regularly reviewing logs both manually and automatically, implementing log rotation policies based on volume and retention requirements, and using monitoring tools to analyze logs.

1 of 18
Best Practices for Log Monitoring
Introduction ,[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
What Are Logs? ,[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
Why are Logs Important? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
Monitoring as Part of Security Process 20/06/11 Copyright © 2005 BH IT Consulting Ltd Develop Security Policy Secure The Network Improve Based on Feedback Test Security Monitor
Why are Logs Important? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
Typical Network 20/06/11 Copyright © 2005 BH IT Consulting Ltd
The Challenges ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
The Challenges ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
20/06/11 Copyright © 2005 BH IT Consulting Ltd Too Much Information !!!
Best Practices ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
Best Practices ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
Best Practices ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
Best Practices ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
Important Windows Events ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
Tools ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
Links ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],20/06/11 Copyright © 2005 BH IT Consulting Ltd
Questions ? 20/06/11 Copyright © 2005 BH IT Consulting Ltd

Recommended

Choosing Your Log Management Approach: Buy, Build or Outsource
Choosing Your Log Management Approach: Buy, Build or OutsourceChoosing Your Log Management Approach: Buy, Build or Outsource
Choosing Your Log Management Approach: Buy, Build or Outsource
Anton Chuvakin
 
NIST 800-92 Log Management Guide in the Real World
NIST 800-92 Log Management Guide in the Real WorldNIST 800-92 Log Management Guide in the Real World
NIST 800-92 Log Management Guide in the Real World
Anton Chuvakin
 
Log management principle and usage
Log management principle and usageLog management principle and usage
Log management principle and usage
Bikrant Gautam
 
SIEM : Security Information and Event Management
SIEM : Security Information and Event Management SIEM : Security Information and Event Management
SIEM : Security Information and Event Management
SHRIYARAI4
 
Understanding the Event Log
Understanding the Event LogUnderstanding the Event Log
Understanding the Event Log
chuckbt
 
Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
Splunk
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
Nishanth Kumar Pathi
 
Bsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat HuntingBsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat Hunting
Dhruv Majumdar
 

Recommended

Choosing Your Log Management Approach: Buy, Build or Outsource
Choosing Your Log Management Approach: Buy, Build or OutsourceChoosing Your Log Management Approach: Buy, Build or Outsource
Choosing Your Log Management Approach: Buy, Build or Outsource
Anton Chuvakin
 
NIST 800-92 Log Management Guide in the Real World
NIST 800-92 Log Management Guide in the Real WorldNIST 800-92 Log Management Guide in the Real World
NIST 800-92 Log Management Guide in the Real World
Anton Chuvakin
 
Log management principle and usage
Log management principle and usageLog management principle and usage
Log management principle and usage
Bikrant Gautam
 
SIEM : Security Information and Event Management
SIEM : Security Information and Event Management SIEM : Security Information and Event Management
SIEM : Security Information and Event Management
SHRIYARAI4
 
Understanding the Event Log
Understanding the Event LogUnderstanding the Event Log
Understanding the Event Log
chuckbt
 
Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
Splunk
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
Nishanth Kumar Pathi
 
Bsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat HuntingBsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat Hunting
Dhruv Majumdar
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
Priyanka Aash
 
Introduction to QRadar
Introduction to QRadarIntroduction to QRadar
Introduction to QRadar
PencilData
 
Threat hunting 101 by Sandeep Singh
Threat hunting 101 by Sandeep SinghThreat hunting 101 by Sandeep Singh
Threat hunting 101 by Sandeep Singh
OWASP Delhi
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
MITRE ATT&CK
 
Knowledge for the masses: Storytelling with ATT&CK
Knowledge for the masses: Storytelling with ATT&CKKnowledge for the masses: Storytelling with ATT&CK
Knowledge for the masses: Storytelling with ATT&CK
MITRE ATT&CK
 
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro... Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
MITRE ATT&CK
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Priyanka Aash
 
Effective Threat Hunting with Tactical Threat Intelligence
Effective Threat Hunting with Tactical Threat IntelligenceEffective Threat Hunting with Tactical Threat Intelligence
Effective Threat Hunting with Tactical Threat Intelligence
Dhruv Majumdar
 
The ATT&CK Latin American APT Playbook
The ATT&CK Latin American APT PlaybookThe ATT&CK Latin American APT Playbook
The ATT&CK Latin American APT Playbook
MITRE ATT&CK
 
[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles
OWASP
 
Threat Modelling - It's not just for developers
Threat Modelling - It's not just for developersThreat Modelling - It's not just for developers
Threat Modelling - It's not just for developers
MITRE ATT&CK
 
Threat hunting on the wire
Threat hunting on the wireThreat hunting on the wire
Threat hunting on the wire
InfoSec Addicts
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with Phirelight
Hostway|HOSTING
 
Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?
Anton Chuvakin
 
FortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptxFortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptx
Alejandro Daricz
 
Splunk 101
Splunk 101Splunk 101
Splunk 101
Splunk
 
McAfee SIEM solution
McAfee SIEM solution McAfee SIEM solution
McAfee SIEM solution
hashnees
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
ATT&CKING Containers in The Cloud
ATT&CKING Containers in The CloudATT&CKING Containers in The Cloud
ATT&CKING Containers in The Cloud
MITRE ATT&CK
 
File000138
File000138File000138
File000138Desmond Devendran
 
Log Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesLog Analytics for Distributed Microservices
Log Analytics for Distributed Microservices
Kai Wähner
 

More Related Content

What's hot

SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
Priyanka Aash
 
Introduction to QRadar
Introduction to QRadarIntroduction to QRadar
Introduction to QRadar
PencilData
 
Threat hunting 101 by Sandeep Singh
Threat hunting 101 by Sandeep SinghThreat hunting 101 by Sandeep Singh
Threat hunting 101 by Sandeep Singh
OWASP Delhi
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
MITRE ATT&CK
 
Knowledge for the masses: Storytelling with ATT&CK
Knowledge for the masses: Storytelling with ATT&CKKnowledge for the masses: Storytelling with ATT&CK
Knowledge for the masses: Storytelling with ATT&CK
MITRE ATT&CK
 
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro... Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
MITRE ATT&CK
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Priyanka Aash
 
Effective Threat Hunting with Tactical Threat Intelligence
Effective Threat Hunting with Tactical Threat IntelligenceEffective Threat Hunting with Tactical Threat Intelligence
Effective Threat Hunting with Tactical Threat Intelligence
Dhruv Majumdar
 
The ATT&CK Latin American APT Playbook
The ATT&CK Latin American APT PlaybookThe ATT&CK Latin American APT Playbook
The ATT&CK Latin American APT Playbook
MITRE ATT&CK
 
[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles
OWASP
 
Threat Modelling - It's not just for developers
Threat Modelling - It's not just for developersThreat Modelling - It's not just for developers
Threat Modelling - It's not just for developers
MITRE ATT&CK
 
Threat hunting on the wire
Threat hunting on the wireThreat hunting on the wire
Threat hunting on the wire
InfoSec Addicts
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with Phirelight
Hostway|HOSTING
 
Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?
Anton Chuvakin
 
FortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptxFortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptx
Alejandro Daricz
 
Splunk 101
Splunk 101Splunk 101
Splunk 101
Splunk
 
McAfee SIEM solution
McAfee SIEM solution McAfee SIEM solution
McAfee SIEM solution
hashnees
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
ATT&CKING Containers in The Cloud
ATT&CKING Containers in The CloudATT&CKING Containers in The Cloud
ATT&CKING Containers in The Cloud
MITRE ATT&CK
 

What's hot (20)

SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
Introduction to QRadar
Introduction to QRadarIntroduction to QRadar
Introduction to QRadar
 
Threat hunting 101 by Sandeep Singh
Threat hunting 101 by Sandeep SinghThreat hunting 101 by Sandeep Singh
Threat hunting 101 by Sandeep Singh
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...
 
Knowledge for the masses: Storytelling with ATT&CK
Knowledge for the masses: Storytelling with ATT&CKKnowledge for the masses: Storytelling with ATT&CK
Knowledge for the masses: Storytelling with ATT&CK
 
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro... Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
Intelligence Failures of Lincolns Top Spies: What CTI Analysts Can Learn Fro...
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
 
Effective Threat Hunting with Tactical Threat Intelligence
Effective Threat Hunting with Tactical Threat IntelligenceEffective Threat Hunting with Tactical Threat Intelligence
Effective Threat Hunting with Tactical Threat Intelligence
 
The ATT&CK Latin American APT Playbook
The ATT&CK Latin American APT PlaybookThe ATT&CK Latin American APT Playbook
The ATT&CK Latin American APT Playbook
 
[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles
 
Threat Modelling - It's not just for developers
Threat Modelling - It's not just for developersThreat Modelling - It's not just for developers
Threat Modelling - It's not just for developers
 
Threat hunting on the wire
Threat hunting on the wireThreat hunting on the wire
Threat hunting on the wire
 
Cyber Threat Hunting with Phirelight
Cyber Threat Hunting with PhirelightCyber Threat Hunting with Phirelight
Cyber Threat Hunting with Phirelight
 
Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?Application Logging Good Bad Ugly ... Beautiful?
Application Logging Good Bad Ugly ... Beautiful?
 
FortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptxFortiRecon Sales Presentation (1).pptx
FortiRecon Sales Presentation (1).pptx
 
Splunk 101
Splunk 101Splunk 101
Splunk 101
 
McAfee SIEM solution
McAfee SIEM solution McAfee SIEM solution
McAfee SIEM solution
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
 
ATT&CKING Containers in The Cloud
ATT&CKING Containers in The CloudATT&CKING Containers in The Cloud
ATT&CKING Containers in The Cloud
 

Similar to Best practises for log management

Log Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesLog Analytics for Distributed Microservices
Log Analytics for Distributed Microservices
Kai Wähner
 
Logicalis Security Conference
Logicalis Security ConferenceLogicalis Security Conference
Logicalis Security Conference
Paul Dutot IEng MIET MBCS CITP OSCP CSTM
 
Event log analyzer by me
Event log analyzer by me Event log analyzer by me
Event log analyzer by me
ER Swapnil Raut
 
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.comWindows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Michael Gough
 
Cutting-Edge Network Behavior Audit Technology from BMST
Cutting-Edge Network Behavior Audit Technology from BMSTCutting-Edge Network Behavior Audit Technology from BMST
Cutting-Edge Network Behavior Audit Technology from BMST
BMST
 
Cso 4any ram rev 2.6 management summary
Cso 4any ram rev 2.6 management summaryCso 4any ram rev 2.6 management summary
Cso 4any ram rev 2.6 management summary
CSO GmbH
 
Oracle Management Cloud
Oracle Management Cloud Oracle Management Cloud
Oracle Management Cloud
Dheeraj Hiremath
 
Oracle Management Cloud
Oracle Management CloudOracle Management Cloud
Oracle Management Cloud
Dheeraj Hiremath
 
Session Auditor - Transparent Network Behavior Recorder
Session Auditor - Transparent Network Behavior RecorderSession Auditor - Transparent Network Behavior Recorder
Session Auditor - Transparent Network Behavior Recorder
BMST
 
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate PresentationObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT
 
Six Mistakes of Log Management 2008
Six Mistakes of Log Management 2008Six Mistakes of Log Management 2008
Six Mistakes of Log Management 2008
Anton Chuvakin
 
How to Use OWASP Security Logging
How to Use OWASP Security LoggingHow to Use OWASP Security Logging
How to Use OWASP Security Logging
Milton Smith
 
Government Webinar: Low-Cost Log, Network Configuration, and IT Monitoring So...
Government Webinar: Low-Cost Log, Network Configuration, and IT Monitoring So...Government Webinar: Low-Cost Log, Network Configuration, and IT Monitoring So...
Government Webinar: Low-Cost Log, Network Configuration, and IT Monitoring So...
SolarWinds
 
Cloud computingpptx
Cloud computingpptxCloud computingpptx
Cloud computingpptx
johnsonbcs
 
Security Information Event Management Security Information Event Management
Security Information Event Management Security Information Event ManagementSecurity Information Event Management Security Information Event Management
Security Information Event Management Security Information Event Management
karthikvcyber
 
EventLog Analyzer - Product overview
EventLog Analyzer - Product overviewEventLog Analyzer - Product overview
EventLog Analyzer - Product overview
ManageEngine EventLog Analyzer
 
Securing your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWPSecuring your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWPSridhar Karnam
 
Stay clear of the bugs: Troubleshooting Applications in Microsoft Azure
Stay clear of the bugs: Troubleshooting Applications in Microsoft AzureStay clear of the bugs: Troubleshooting Applications in Microsoft Azure
Stay clear of the bugs: Troubleshooting Applications in Microsoft Azure
HARMAN Services
 

Similar to Best practises for log management (20)

File000138
File000138File000138
File000138
 
Log Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesLog Analytics for Distributed Microservices
Log Analytics for Distributed Microservices
 
Logicalis Security Conference
Logicalis Security ConferenceLogicalis Security Conference
Logicalis Security Conference
 
Event log analyzer by me
Event log analyzer by me Event log analyzer by me
Event log analyzer by me
 
Leveraging Log Management to provide business value
Leveraging Log Management to provide business valueLeveraging Log Management to provide business value
Leveraging Log Management to provide business value
 
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.comWindows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
Windows splunk logging cheat sheet Oct 2016 - MalwareArchaeology.com
 
Cutting-Edge Network Behavior Audit Technology from BMST
Cutting-Edge Network Behavior Audit Technology from BMSTCutting-Edge Network Behavior Audit Technology from BMST
Cutting-Edge Network Behavior Audit Technology from BMST
 
Cso 4any ram rev 2.6 management summary
Cso 4any ram rev 2.6 management summaryCso 4any ram rev 2.6 management summary
Cso 4any ram rev 2.6 management summary
 
Oracle Management Cloud
Oracle Management Cloud Oracle Management Cloud
Oracle Management Cloud
 
Oracle Management Cloud
Oracle Management CloudOracle Management Cloud
Oracle Management Cloud
 
Session Auditor - Transparent Network Behavior Recorder
Session Auditor - Transparent Network Behavior RecorderSession Auditor - Transparent Network Behavior Recorder
Session Auditor - Transparent Network Behavior Recorder
 
ObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate PresentationObserveIT Remote Access Monitoring Software - Corporate Presentation
ObserveIT Remote Access Monitoring Software - Corporate Presentation
 
Six Mistakes of Log Management 2008
Six Mistakes of Log Management 2008Six Mistakes of Log Management 2008
Six Mistakes of Log Management 2008
 
How to Use OWASP Security Logging
How to Use OWASP Security LoggingHow to Use OWASP Security Logging
How to Use OWASP Security Logging
 
Government Webinar: Low-Cost Log, Network Configuration, and IT Monitoring So...
Government Webinar: Low-Cost Log, Network Configuration, and IT Monitoring So...Government Webinar: Low-Cost Log, Network Configuration, and IT Monitoring So...
Government Webinar: Low-Cost Log, Network Configuration, and IT Monitoring So...
 
Cloud computingpptx
Cloud computingpptxCloud computingpptx
Cloud computingpptx
 
Security Information Event Management Security Information Event Management
Security Information Event Management Security Information Event ManagementSecurity Information Event Management Security Information Event Management
Security Information Event Management Security Information Event Management
 
EventLog Analyzer - Product overview
EventLog Analyzer - Product overviewEventLog Analyzer - Product overview
EventLog Analyzer - Product overview
 
Securing your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWPSecuring your IT infrastructure with SOC-NOC collaboration TWP
Securing your IT infrastructure with SOC-NOC collaboration TWP
 
Stay clear of the bugs: Troubleshooting Applications in Microsoft Azure
Stay clear of the bugs: Troubleshooting Applications in Microsoft AzureStay clear of the bugs: Troubleshooting Applications in Microsoft Azure
Stay clear of the bugs: Troubleshooting Applications in Microsoft Azure
 

More from Brian Honan

Brian honan ipexpo keynote
Brian honan ipexpo keynoteBrian honan ipexpo keynote
Brian honan ipexpo keynote
Brian Honan
 
GDPR & Brexit - What Does the Future Hold?
GDPR & Brexit - What Does the Future Hold?GDPR & Brexit - What Does the Future Hold?
GDPR & Brexit - What Does the Future Hold?
Brian Honan
 
Ransomware Prevention Guide
Ransomware Prevention GuideRansomware Prevention Guide
Ransomware Prevention Guide
Brian Honan
 
Brian honan
Brian honanBrian honan
Brian honan
Brian Honan
 
The dark side of the internet
The dark side of the internetThe dark side of the internet
The dark side of the internet
Brian Honan
 
Data security brian honan
Data security brian honanData security brian honan
Data security brian honan
Brian Honan
 
Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...
Brian Honan
 
Incident Response in the Cloud
Incident Response in the CloudIncident Response in the Cloud
Incident Response in the Cloud
Brian Honan
 
How to Like Social Media Network Security
How to Like Social Media Network SecurityHow to Like Social Media Network Security
How to Like Social Media Network Security
Brian Honan
 
Bridging the air gap
Bridging the air gapBridging the air gap
Bridging the air gap
Brian Honan
 
Proactive incident response
Proactive incident responseProactive incident response
Proactive incident response
Brian Honan
 
Learning from History
Learning from HistoryLearning from History
Learning from History
Brian Honan
 
Incident response cloud
Incident response cloudIncident response cloud
Incident response cloud
Brian Honan
 
Preparing for Failure - Best Practise for Incident Response
Preparing for Failure - Best Practise for Incident ResponsePreparing for Failure - Best Practise for Incident Response
Preparing for Failure - Best Practise for Incident Response
Brian Honan
 
Cloud security
Cloud securityCloud security
Cloud security
Brian Honan
 
Layer 8 Security - Securing the Nut Between the Keyboard & Screen
Layer 8 Security - Securing the Nut Between the Keyboard & ScreenLayer 8 Security - Securing the Nut Between the Keyboard & Screen
Layer 8 Security - Securing the Nut Between the Keyboard & Screen
Brian Honan
 
Creating a CERT at WARP Speed
Creating a CERT at WARP SpeedCreating a CERT at WARP Speed
Creating a CERT at WARP Speed
Brian Honan
 
The Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsThe Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure Laws
Brian Honan
 
Ic Sconf2010presentation Dp Bh
Ic Sconf2010presentation Dp BhIc Sconf2010presentation Dp Bh
Ic Sconf2010presentation Dp Bh
Brian Honan
 
Knowing Me Knowing You
Knowing Me Knowing YouKnowing Me Knowing You
Knowing Me Knowing You
Brian Honan
 

More from Brian Honan (20)

Brian honan ipexpo keynote
Brian honan ipexpo keynoteBrian honan ipexpo keynote
Brian honan ipexpo keynote
 
GDPR & Brexit - What Does the Future Hold?
GDPR & Brexit - What Does the Future Hold?GDPR & Brexit - What Does the Future Hold?
GDPR & Brexit - What Does the Future Hold?
 
Ransomware Prevention Guide
Ransomware Prevention GuideRansomware Prevention Guide
Ransomware Prevention Guide
 
Brian honan
Brian honanBrian honan
Brian honan
 
The dark side of the internet
The dark side of the internetThe dark side of the internet
The dark side of the internet
 
Data security brian honan
Data security brian honanData security brian honan
Data security brian honan
 
Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...Presentation on EU Directives Impacting Cyber Security for Information Securi...
Presentation on EU Directives Impacting Cyber Security for Information Securi...
 
Incident Response in the Cloud
Incident Response in the CloudIncident Response in the Cloud
Incident Response in the Cloud
 
How to Like Social Media Network Security
How to Like Social Media Network SecurityHow to Like Social Media Network Security
How to Like Social Media Network Security
 
Bridging the air gap
Bridging the air gapBridging the air gap
Bridging the air gap
 
Proactive incident response
Proactive incident responseProactive incident response
Proactive incident response
 
Learning from History
Learning from HistoryLearning from History
Learning from History
 
Incident response cloud
Incident response cloudIncident response cloud
Incident response cloud
 
Preparing for Failure - Best Practise for Incident Response
Preparing for Failure - Best Practise for Incident ResponsePreparing for Failure - Best Practise for Incident Response
Preparing for Failure - Best Practise for Incident Response
 
Cloud security
Cloud securityCloud security
Cloud security
 
Layer 8 Security - Securing the Nut Between the Keyboard & Screen
Layer 8 Security - Securing the Nut Between the Keyboard & ScreenLayer 8 Security - Securing the Nut Between the Keyboard & Screen
Layer 8 Security - Securing the Nut Between the Keyboard & Screen
 
Creating a CERT at WARP Speed
Creating a CERT at WARP SpeedCreating a CERT at WARP Speed
Creating a CERT at WARP Speed
 
The Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsThe Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure Laws
 
Ic Sconf2010presentation Dp Bh
Ic Sconf2010presentation Dp BhIc Sconf2010presentation Dp Bh
Ic Sconf2010presentation Dp Bh
 
Knowing Me Knowing You
Knowing Me Knowing YouKnowing Me Knowing You
Knowing Me Knowing You
 

Recently uploaded

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 

Recently uploaded (20)

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 

Best practises for log management