RSA 2010: Getting more insight into your network activity (or non activity) and the changes that result

David Spark here reporting for Tripwire at the 2010 RSA Conference in San Francisco.

Last August, Tripwire purchased Activeworx’s log center and integrated it into its suite of products. I spoke with Jeff Dell, founder of Activeworx, and now Tripwire’s Chief Architect of the Log Center about what’s changed with Log Center since Tripwire purchased the product back in August. Dell said the biggest changes they’ve made have been to incorporate the Log Center product with the Enterprise product. Now that they’re integrated, Tripwire can show changes that are happening in the enterprise, but also provide details that you can’t see with other SIEM products. As Dell explained, combining the two gives you more intelligence around changes as they occur, like an authentication event. What I thought was unusual is that Tripwire will bring to your attention a change that occurs if there’s no log activity at all to match it. Such behavior indicates someone may have used a back door to access your network unseen.

Check out more of Tripwire’s coverage from the 2010 RSA Conference in San Francisco.

Tagged as: event management, IT Security, IT Security and Data Protection, log management, RSA, RSA 2010

This post was written by…

David Spark has contributed 73 posts to The State of Security.

Twitter @dspark

Contact David Spark

David Spark is a veteran tech journalist and founder of Spark Media Solutions, a media consulting and production company. Acting as the "media" of "social media," Spark Media Solutions helps its clients be seen as leading voices in their field through brand-quality media production and distribution through top tier media channels.