LogBlog

« On Trusting Log Timestamps | Main | RSA 2008 Summary »

Security Mash-Ups in the Cloud

In the past 90 days, Savvis, Verizon Business Services and SecureWorks launched hosted or cloud-based log management services. Customers do not pay for owning any log management infrastructure, but rather for using it and typically pay monthly on a per-device basis. Security in general and log management specifically lend itself well for a cloud-based model since compliance mandates and new threats continue to evolve and require continuous updating of reports and alerts, in addition to a high level of expertise, often not found in-house.  Stephen Northcutt from SANS has made the case for outsourcing Log Analysis here.

But there is one more significant advantage to Security in the Cloud … Security service providers can be (and are) light-years ahead of product vendors when it comes to putting together integrated compliance offerings. Customers typically access cloud-based offerings through a web portal. Using web services, service providers can quickly and easily create compliance mash-ups, for example combining reports from vulnerability scanning services with log management-based user activity reports. Very cool!

Posted April 15, 2008 in | Permalink

TrackBack

TrackBack URL for this entry:
http://www.loglogic.com/mt/mt-tb.cgi/316

Post a comment

Visit loglogic.com

I ♥ Logs

Subscribe to this blog’s feed RSS

June 2008
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30          
Categories
Archives
Blogroll
Blogroll
Compliance
Good Reading
LogLogic
LogLogic Partners
Sites We Watch