Information Security News mailing list archives
NIST releases standards for security logs
From: InfoSec News <isn () c4i org>
Date: Mon, 1 May 2006 00:42:15 -0500 (CDT)
http://www.fcw.com/article94229-04-28-06-Web By Wade-Hahn Chan Apr. 28, 2006 The National Institute of Standards and Technology released technical guidelines on how federal agencies should manage security logs. The guidelines cover log generation, transmission, storage, analysis and disposal. The guidelines, NIST Special Publication 800-92: Guide to Computer Security Log Management [1], include suggestions for creating a log management policy, prioritizing log files and creating a centralized log management infrastructure to include all hardware, software, networks and media. The 64-page document notes that agencies must deal with larger quantities, volumes and varieties of security logs. They also must comply with a growing number of legislative requirements such as the Federal Information Security Management Act and the Health Insurance Portability and Accountability Act. [1] http://csrc.ncsl.nist.gov/publications/drafts/DRAFT-SP800-92.pdf _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
Current thread:
- NIST releases standards for security logs InfoSec News (Apr 30)