the State of Security

event management

The Evolution of Security Information and Event Management (SIEM)

by Cindy Valladares

A few weeks ago, eIQnetworks commissioned a survey of security professionals. According to the press release, “the SIEM approach of relying entirely on logs and other event-based information to effectively address modern enterprise threats is now dead.” There was a lot of reaction from analysts, bloggers and influencers on the ‘SIEM is dead’ affirmation. Here [...]

Read More

Cancer and security breaches

by Dwayne Melancon

I’m a cancer survivor, and it strikes me that cancer and IT security breaches have something in common: early detection is crucial. You see, 11 years ago, I caught my cancer (malignant melanoma) fairly early, it was treated quickly, and I’ve had no recurrence since then. This was possible because a) my wife noticed something [...]

Read More

RSA 2010: Proving the Worth of Security Metrics with Real-World Data

by David Spark

David Spark here reporting for Tripwire at the 2010 RSA Conference in San Francisco. Your organization is measuring an endless stream of data. You could get buried trying to look at it all. The question is, “Why are you looking at it all?” Shouldn’t you just be looking at the good stuff? The stuff that [...]

Read More

RSA 2010: If you don’t look at your log data, how are you going to catch data breaches?

by David Spark

David Spark here reporting for Tripwire at the 2010 RSA Conference in San Francisco. I spoke with Bob Russo, General Manager of the PCI Security Standards Council, about the common practice of companies turning on their server logs, just because they need to for compliance, and then never actually looking at it. It’s kind of [...]

Read More

RSA 2010: Suspicious patterns alone aren’t enough to tell you you’ve got a problem

by David Spark

David Spark here reporting for Tripwire at the 2010 RSA Conference in San Francisco. In this video are Tim Zonca (@timzonca), Product Marketing Manager of Tripwire and Dwayne Melancon (@ThatDwayne), Tripwire’s VP of Log Management. Melancon offered a great explanation of the value of change information synced with log events. He compared it to a [...]

Read More

RSA 2010: Why you want to look at your change log in conjunction with your event log

by David Spark

David Spark here reporting for Tripwire at the 2010 RSA Conference in San Francisco. Tripwire’s edge over other competitors in the log management space is their ability to see the connections between log events and changes on your network. The man responsible for integrating that critical feature is Robert DiFalco, Tripwire’s CTO. During our interview, [...]

Read More

← Previous Entries

Next Entries →