RISE regulars know we are fans of the Center for Internet Security’s Critical Security Controls. Renowned cybersecurity expert Randy Marchany joins us in February to share experiences and recommendations on implementation.
Logs. We’ve talked about them in several presentations. “Maintenance, Monitoring, and Analysis of Audit Logs” is one of the basic CIS security controls. Security administrators have many tools to choose from for handling logs, but do you really understand the purpose, function, and use case for each? What makes a “log aggregation” tool different from a Security Information and Event Management (SIEM) tool? When would you use one over the other?