Jun 04, 2012
Best Practices: 15 Ways to Get More Value From Security Log and Event Data
Data is both a blessing and a curse for organizations today. The enormous amounts of data generated by enterprise networks, servers, personal computing devices and applications can be mined and analyzed to identify and even prevent threats to security, not to mention drive purposeful, strategic technology and business decisions. But all that data presents a huge challenge: In this sea of data, we often don’t know what’s important. In other words, we are drowning in data but are thirsty for actionable information.
There’s a growing push to solve this issue. How can security professionals dig through storehouses of log data, security event information and other monitoring data to identify potential compromises or threats? How can they correlate log and event data entries to show how a series of seemingly unrelated events might indicate a new attack? And how do other stakeholders in the organization—operations, compliance, IT and line-of-business managers—get what they need to do their jobs more effectively?
In this report, we recommend 15 ways organizations can leverage tools and best practices to more effectively analyze security information. (S4950512)