Log analysis is the art and science of making sense of computer-generated records (also called logs, events or audit trail records).
Most companies nowadays have a complex computational environment where every device, system, database or application has the ability to capture and record computational transactions in an audit trail.
Log analysis is increasingly a necessity and is an integral part of Security Risk Management.
To effectively interpret the audit trails, an organization needs to record and log event information from the following activities:
The audit trails are then stored in a centralized location for analysis.
The RSS Inc. managed solution requires minimal or no capital expenditure.
The amount of collected information is on the rise, and many companies respond by doing nothing with their logs or, at best, analyzing them only when problems or incidents arise.
Some reasons for this are lack of internal resources or knowledge. Companies faced with this challenge turn to RSS Inc. for help in log processing and analysis.
Our team utilizes homegrown solutions and techniques along with industry Best Practice methodologies.
This service conforms to key components of many compliance regulations such as PCI-DSS, Sarbanes-Oxley (SOX), Canadian Securities Administrators' (CSA) MI 52-109 and ISO27002. Our CSIRT Service offers a high-value expert analysis provided by information security specialists.
Our Log Analysis Service offers a high-value expert analysis provided by information security specialists.
The immediate benefit to an organization is to bring awareness of ongoing suspicious activities. This information can be used by the organization to detect abnormalities or unauthorized occurrences. Monitoring logs enables an organization to proactively conduct an in-depth analysis of activities such as what a specific user does along with the ability to identify and monitor users’ behavior or habits.
Further investigation of the detected abnormalities or unauthorized occurrences on targeted assets will be used to prioritize the response. The details of the suspicious activity will be presented in different reports, ensuring corporate compliance with industry, legislative and regulatory standards and requirements.
The information contained within these reports will be analyzed and mitigation steps will be proposed to the client. The mitigation steps presented will address the immediate concern of the ongoing suspicious activities.
The RSS Inc. team will provide mid- and long-term preventive steps in order to mitigate future incidents.
The Log Analysis service is a solution combining software, hardware, and services, providing our clients with reassurance that their logs are being continuously reviewed for information security issues. The solution encompasses the following deliverables:
Professional assistance in configuring devices and logging levels
Establishing a secure delivery path for client audit trails
7×24 proactive monitoring
Identifying security events using internally developed scripts and techniques
Interpreting audit trails or logs
Security Alert Response Service
Actionable and Pragmatic Recommendations