CISO

Enterprise log analysis

Organizations have slowly started using the web as a service delivery platform. Various studies reveal that the web is the most economical platform, and branches / offices the most expensive, for delivering services to customers.

Further, the web provides flexibility of time. Today many services have become 24/7 thanks to the web and other types of channels.

As the web channel matures from a corporate information dispenser to a transaction-processing platform, it becomes important that security measures are built around the web infrastructure. Along with the protections implemented by the firewall, IPS, router and web application firewall, these protections need to be monitored through a single window. This type of monitoring enables the organization to identify the various types of attacks being carried out against the web infrastructure of the bank, and also the efficacy of the protection infrastructure.

Careful analysis of the logs will help security personnel identify the types of blocks happening at every line of defence:

Router / Firewall - Port level attacks
IPS - Signature-based identification and dropping
Web application firewall - Last line of defence to capture and stop application-level vulnerability exploits such as cross-site scripting, SQL injection, etc.

Invariably, getting budgetary approval for enterprise log analysis will be a great challenge within the organization.

To start with, the security professional can analyse the logs pertaining to the various lines of defence using tools like Excel or Access.

This will help the security professional generate critical data to present to management, and also bring out the deficiency of the whole security architecture operating without any effective monitoring tool.
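The same single-window view can be scripted instead of built in a spreadsheet. The following is an added example, not part of the original post; the log formats, field names and addresses are constructed, simplified assumptions and do not match any particular vendor's output.

```python
import re
from collections import Counter, defaultdict

# Constructed sample logs in simplified, hypothetical formats (not real vendor output).
LOGS = {
    "firewall": """2024-01-10T02:11:05 DENY src=203.0.113.7 dport=23
2024-01-10T02:11:09 DENY src=203.0.113.7 dport=3389
2024-01-10T02:12:40 ALLOW src=203.0.113.9 dport=443""",
    "ips": """2024-01-10T02:12:41 DROP src=203.0.113.9 sig=directory-traversal
2024-01-10T02:15:02 DROP src=192.0.2.44 sig=directory-traversal""",
    "waf": """2024-01-10T02:13:10 BLOCK src=203.0.113.9 rule=sql-injection uri=/login
2024-01-10T02:16:30 BLOCK src=192.0.2.44 rule=cross-site-scripting uri=/search
2024-01-10T02:17:00 PASS src=192.0.2.80 rule=- uri=/home""",
}

# One pattern per line of defence; each matches only that layer's "blocked" action.
PATTERNS = {
    "firewall": re.compile(r"^(\S+) DENY src=(\S+) dport=(\S+)"),
    "ips": re.compile(r"^(\S+) DROP src=(\S+) sig=(\S+)"),
    "waf": re.compile(r"^(\S+) BLOCK src=(\S+) rule=(\S+)"),
}

def blocked_events(logs=LOGS):
    """Merge every layer into one time-ordered list of blocked events."""
    events = []
    for layer, text in logs.items():
        for line in text.splitlines():
            m = PATTERNS[layer].match(line.strip())
            if m:  # permitted traffic and unparsable lines are skipped
                ts, src, what = m.groups()
                events.append({"time": ts, "layer": layer, "src": src, "what": what})
    return sorted(events, key=lambda e: e["time"])

def blocks_per_layer(events):
    """Count blocks by (layer, port / signature / rule): the management summary."""
    return Counter((e["layer"], e["what"]) for e in events)

def layers_per_source(events):
    """Show at which lines of defence each source address was stopped."""
    seen = defaultdict(set)
    for e in events:
        seen[e["src"]].add(e["layer"])
    return {src: sorted(layers) for src, layers in seen.items()}

if __name__ == "__main__":
    events = blocked_events()
    for (layer, what), n in sorted(blocks_per_layer(events).items()):
        print(f"{layer:8} {what:22} {n}")
    for src, layers in sorted(layers_per_source(events).items()):
        print(f"{src:14} blocked at: {', '.join(layers)}")
```

A source that appears only at the web application firewall was let through by the router / firewall and the IPS, which is the kind of efficacy gap the consolidated view is meant to surface.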
