Security Basics mailing list archives
Re: Review of logs/audit trail - whose responsibility?
From: Gleb Paharenko <gpaharenko () gmail com>
Date: Sat, 26 Sep 2009 17:30:59 +0300
Hi! The core requirements: it should be other person(s) than who is producing log events and this person should be competent enough to analyse the activities in logs. Even, it might be some managed security service provider. When you need performance and fill lack of resource - use different IT departments. In case you need more independent review - make a computer audit to watch for IT logs. 2009/9/22 <sfmailsbm () gmail com>:
Dear all, a simple question: we all agree that there must be logs and audit trails to enable tracing back and monitoring of suspicious activities Logs should be reviewed regularly to identify abnormal activities however, who should "ideally" be responsible for this regular (daily) monitoring of logs? Is it IT, IT Security or Computer Audit? I know that each company might implement it differently, but from a conceptual point of view, in terms of security, what will be the most appropriate choice? thanks for your comments Regards, Ronish ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com http://www.linkedin.com/in/gpaharenko +380503116172 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Review of logs/audit trail - whose responsibility? sfmailsbm (Sep 23)
- RE: Review of logs/audit trail - whose responsibility? Rivest, Philippe (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? Quentin Chung@Programmer (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? Gleb Paharenko (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? M.D.Mufambisi (Sep 29)
- Re: Review of logs/audit trail - whose responsibility? Dan Anderson (Sep 30)
- Re: Review of logs/audit trail - whose responsibility? M.D.Mufambisi (Sep 29)
- <Possible follow-ups>
- Re: Review of logs/audit trail - whose responsibility? craig . wilson (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? ron (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? krymson (Sep 30)