My advice for log management . Identify what could go wrong and then only log the activities that would be associated with that malicious activity (by enabling the devices to log these activities and sending them to a central log server under the control of the security department). Then establish alerts on a risk based approach only for those malicious activities that are of real concern.
----
Sent using a Sony Ericsson videophone
About Me
- Matthew Hackling
- Matt runs his own security consultancy called Ronin Security. His focus is information security management and he has a keen interest in infrastructure and web application security. He's a CISSP and the current Branch Executive of the Melbourne chapter of the Australian Information Security Association.
Labels
- AISA (1)
- australian information security market (1)
- career advice (1)
- causes (1)
- DoS (1)
- economics (1)
- FUD (1)
- futurism (1)
- information security governance (4)
- IPS (1)
- privacy (2)
- sacred cows (1)
- security patching (1)
- vulnerability management (1)
- webappsec (1)
Tuesday, February 3, 2009
Subscribe to:
Post Comments (Atom)
Handy Links
Twitter Updates
Matt's list of blogs
-
TEDxMaui -- Hack Yourself First3 weeks ago
-
FedRAMP: It’s Here but Not Yet Here2 months ago
-
Bunraku V0.0.36 months ago
-
GoGrid Security Breach10 months ago
Blog Visitors
Lijit
InterSec - ISC2 CISSP networking portal
0 comments:
Post a Comment