LogBlog

« September 2005 | Main | November 2005 »

FREE WEBCAST: “Where IT Audit Meets Investigation”

Tuesday, November 1, 2005 | 8 to 9 a.m. PST / 11 a.m. to 12 noon EST

Join us and partner Blue Coat Systems, a leading provider of proxy appliances, in a live Webcast that illustrates how enforcing Web security and auditing Web activity is crucial to presenting accurate information at the right time for auditing or investigation as a result of compliance or corporate governance requirements. Register now!

Gerard M. Stegmaier, an attorney who focuses on the defense of securities class actions, shareholder derivative suits and SEC enforcement actions will also be speaking. Mr. Stegmaier also litigates on behalf of and counsels clients concerning public and private corporate governance and Internet issues related to privacy and information security.

We will address topics including: Once you have received your compliance audit results (such as HIPAA or SOX), does that safeguard organizations from facing legal inquiries?

Today’s compliance statutes such as Sarbanes-Oxley and HIPAA are keeping IT departments working fast-and-furious as they implement best practices for risk mitigation including enforcing and auditing security policies. Current practices require that organizations store 100% of all log data and measure security enforcement policies, while segregating the duty of policy enforcement and policy audit.

Posted October 28, 2005 in LogLogic News | Permalink | TrackBack (0)

Vote For LogLogic Now!

SC Magazine's annual awards are coming to a close. Time is running out to vote for LogLogic as the best tool for computer forensics. A vote for LogLogic is a vote for you!

Posted October 26, 2005 in LogLogic News | Permalink | Comments (1) | TrackBack (0)

Five tips for building log management infrastructures

Whether you're building your own logging tool or evaluating a log management solution, there are at least five factors you should consider from Jian's recent article in ComputerWorld:

  1. The retention period: The log retention period obviously depends on your requirements. If you are building out the infrastructure for troubleshooting and short-term reporting, you may need to keep only one or two months of logs.
  2. Log volume: Log volume is probably one of the most critical factors in building your infrastructure. It has a direct impact on your retention policy, report/search performance, aggregation performance and correlation performance.
  3. Source applications: What are all the devices, servers and applications that will be logging? If you are developing your own solution, there may be a lot of work for you to parse the various log messages.
  4. Reports and analysis: Log analysis includes everything from reports, correlation and anomaly detection to trend analysis. It again depends on your requirements. However, your product should have some of the basic functions such as threshold and rule-based alerts via e-mail or SNMP.
  5. Network topology: Your network topology affects how you should design your logging infrastructure. If you have a fairly distributed topology, for example, many remote locations, you will want to design a solution or look for a product that has a distributed architecture that can retrieve/receive logs in a distributed manner and forward logs back to a central location for analysis and archival.

- Jian

Posted October 24, 2005 in Log Management & Intelligence | Permalink | TrackBack (0)

Get Compliant. Improve Your Business.

IDC reports that respondents to its survey "The Compliance Chasm" indicated that they were anticipating improvements not only in financial management activities but in overall business performance management as well. 88% of respondents said that Sarbanes-Oxley would have a positive impact on business performance. As a result, IDC reports, a number of organizations have now moved from viewing compliance as a burden to using compliance requirements as an opportunity to improve business processes and manage risk.

"Sarbanes-Oxley requires constant vigilance over financial reporting processes that can extend throughout the enterprise," said study author Kathleen Wilhide, director, financial compliance applications and BPM software at IDC. "As a result, it is no surprise to see that technology, including compliance software, is playing a vital role in the compliance effort. The implications of compliance software reach beyond meeting Sarbanes-Oxley mandates; the software also has the capability to contribute to increased efficiency and profitability across the organization."

Log management and intelligence is a foundational activity for achieving SOX compliance. We've got more info on our site if you are interested.

You can read more here.

Posted October 20, 2005 in Compliance , LogLogic News | Permalink | TrackBack (0)

LogLogic 3 Makes Headlines

LogLogic 3 is generating plenty of interest worldwide as the launch rolls out. Here are some of the highlights:

Posted October 17, 2005 in LogLogic News | Permalink | TrackBack (0)

Big Day At LogLogic

Today was a significant one as we went public with LogLogic 3, launched a new loglogic.com and unveiled the logblog. I've spent much of the past two weeks with customers, all of whom have underscored the significance of what we are doing. Network operators, sys admins, security desk managers and many more key IT resources have had too much of their lives directed towards scouring through log files for critical information. The goal is a pretty simple one: turn these folks into heroes by providing them with the equivalent of Yahoo! (a customer) for infrastructure data.

There are three major data sources in Enterprises today:

  1. Public Data: all the stuff - files, documents, products that we have in the public domain. Getting at this stuff is pretty straightforward. You Yahoo! or Google it.
  2. Unstructured Data: all the data inside the Enterprise that is more often than not locked up in applications, databases and other systems.
  3. Infrastructure Data: all the data generated by applications, networking gear, servers, operating systems, mainframes and much more. To put it in perspective, Enterprises typically generate upwards of 40 terabytes of data in this class every year at rates exceeding 250 million messages per day.

It's in this last category that LogLogic 3 comes in. We make collecting, alerting, storing and reporting on this data as easy as finding critical financial information on Yahoo! today. Congratulations to all the team!

Posted October 17, 2005 in LogLogic News | Permalink | TrackBack (0)

The LogBlog!

Welcome to the LogBlog! As you can see, we've been testing and playing around with the LogBlog, first on TypePad and then using Movable Type. Over the past week we integrated the LogBlog within LogLogic.com for a couple of reasons: we wanted it to be easy for customers and partners to connect to information across the sites, and we wanted both our blog and site searchable from within a single navigation bar.

Over the coming weeks you will start to see more posts from the team here at LogLogic. We're also inviting our customers and partners to post with us. Send us your thoughts and suggestions.

Our comments and trackbacks are turned on. The rules here are simple. If you are offensive, have an axe to grind or are off topic, we will delete the comment. This is all about establishing conversations and that's the acid test we will apply.

Thanks to the team at RD2 for their hard work on designing this and loglogic.com. They've done some innovative things that we'd be happy to share with folks. For instance, we can post to all major sections of loglogic.com using Movable Type. This gives us a single platform from which to manage content. Also, we've enabled RSS across the site.

Posted October 17, 2005 in LogLogic News | Permalink | TrackBack (0)

Lots Coming Over the Next Week

We're relaunching loglogic.com, and watch for big product news.

Posted October 16, 2005 in | Permalink | TrackBack (0)

More on our partnership with BlueCoat

SOX Compliance Journal has more on our partnership with BlueCoat. We're providing advanced support for the Blue Coat ProxySG family of appliances, which includes the ability to provide ad hoc, real-time reports on Web caching and Web surfing activity extracted from ProxySG log data. You can also aggregate, archive, and quickly search unaltered Blue Coat logs to ensure compliance with requirements from Sarbanes-Oxley and HIPAA, as well as to respond to legal inquiries if needed. Search-filter alerts from Blue Coat logs can also be set up to warn administrators of suspicious or unusual behavior.

Posted October 08, 2005 in LogLogic News | Permalink

LogLogic on the Cover of Secure Convergence Journal

Wow! The October 2005 issue of Secure Convergence Journal features a cover story written by LogLogic's very own Dominique Levin entitled "Using Log Data to Manage Operational Risk." Be sure to check it out.

Posted October 07, 2005 in | Permalink

Data Leakage in NY

Expect to see this more and more...

Information Leaks Leave University Students Vulnerable
By Eleazar David Meléndez
Spectator Staff Writer 
October 05, 2005

A harmless act of procrastination by a Queens College law student inadvertently uncovered what has become a massive headache for hundreds of City University of New York students, employees, and affiliates.

The university rushed to inform CUNY students last week that a security foul-up had compromised their confidential information. As New York Newsday first reported on Tuesday, the student, Googling her own name at a computer in the school’s library, found a set of documents that revealed the sensitive personal information of over 300 students. She told Newsday she recalled screaming, “What the hell is this?” in the middle of the library.

Posted October 07, 2005 in LogLogic News | Permalink

CERT Pushes for Standard Malware Names

Newsfactor Network is reporting that CERT Pushes for Standard Malware Names

The U.S. Computer Emergency Readiness Team (US-CERT) has kicked off an initiative to create common names for Internet worms and threats.

The Common Malware Enumeration (CME) initiative aims to reduce confusion with the general public that is caused by disparate naming schemes for Internet threats.

A recent worm that used a known vulnerability in the Windows operating system, for instance, was referred to as Zotob.E by Symantec, W32/IRCbot.worm!MS05-039

Currently, Internet worms are often named using information about the virus or follow a description the author entered when crafting the malware. The new naming scheme uses a CME-number, with the first virus being called CME-1 and so forth.

Posted October 07, 2005 in LogLogic News | Permalink

Tell Your Friends: Vote for LogLogic

The 2006 SC Magazine Awards nominations are in and LogLogic needs your vote. LogLogic is nominated in two categories. Vote today. No time to wait! Voting ends October 28, 2005.

Best Security Audit

Best Computer Forensics

Posted October 05, 2005 in | Permalink

Compliance Tips from the Pros

SearchSecurity today has some tips to streamline and spearhead your compliance efforts.

While many of you have undergone the rigors of meeting compliance requirements for Sarbanes-Oxley, some of you are new to the role, or are associated with companies that are just going public and have not previously been subject to this legislation. For those of you lucky enough to have drawn the assignment, the task may seem quite daunting. However, there are a few steps you might want to consider that could help slice a sizeable task into manageable servings.

Posted October 05, 2005 in LogLogic News | Permalink
