ControlCase Monthly Newsletter July 2018
Log Monitoring and File Integrity monitoring
Security Log Monitoring services help clients to weed through system and audit logs quickly and cost effectively, leaving only relevant records that the organization must analyze and retain.
ControlCase’s Log Monitoring services help clients tame information overload and focus only on critical events that impact the confidentiality, integrity and availability of their confidential information.
Webinar – Log Monitoring and File Integrity Monitoring
Thursday July 12th @ 11am EST
In this 45-minute webinar, ControlCase will discuss the following in the context of PCI DSS and PA DSS:
- What is Log Management and FIM
- PCI DSS, EI3PA, ISO 27001 requirements
- Log Management and regulation requirements/mapping
- File Integrity Monitoring and regulation requirements/mapping – Challenges
- Q&A
Date: Thursday, July 12, 2018
Time: 11:00 AM – 11:45 AM EST
Security fundamentals: File integrity monitoring
File Integrity Monitoring (FIM) and change detection are inextricably linked, and detecting change is at the core of FIM.
Security fundamentals: Log management
Fundamentally, a log is a way for humans to see what a system has been doing, and logs are used by IT operations teams when troubleshooting an incident.
4 reasons why CISOs must think like developers to build cybersecurity platforms and stop investing in ‘silver bullets’
- Drowning in the cybersecurity data deluge
  There is a constantly growing list of “sensors” generating security data. The velocity, variety, and volume of data easily overwhelm security analysts. Analytics and automation are the only way out.
- Tool and data “balkanization”
  The CISO is constantly reacting to threats and buying “silver bullet” tools. This leads to a messy digital hodgepodge of PDF reports, HTML pages, XML extracts, and .CSV files that are hard to integrate, analyze and program for creating automated responses.
- From discrete security events to continuous security
  Rapid code, environment and data changes require a proactive and dynamic approach to security. Security as code is the only way to scale and react in real time.
- Reactive and passive posture
  Logging, monitoring and alerting are not timely enough. The ability to react in near real-time is critical to limit damage. Proactive threat-hunting and highly automated security operations and incident response are key to protecting digital assets.