
Security is a Holistic Proposition

Gorka Sadowski



Top Stories by Gorka Sadowski

The debate between data and information has been going on for quite some time. When people say "knowledge is power", are they referring to data or information? Is knowledge different still? And how about "intelligence": where does that fit? How can we go from data to information to knowledge to intelligence?

The answer is simple: by understanding the animated nature of data evolution and transformation, and acting upon this understanding. And this is brought to light by logs from your Information Systems. Understand this and unleash the Power of Logs.

Figure 1 - Data to Information to Knowledge to Intelligence, and the role of logs as metadata

Data seems mainly one-dimensional. Consult any database or data warehouse, perform even complex queries on these and you will get a "flat" answer. The fact that you get a single answer will make you think that data is absolut... (more)

Logs for Better Clouds - Part 6

Log Collection and Reporting requirements

So far in this series we have addressed:

- Trust, visibility, transparency.
- SLA reports and service usage measurement.
- Daisy chaining clouds.
- Transitive Trust.
- Intelligent reports that don't give away confidential information.
- Logs.
- Log Management.

Now, not all Log Management solutions are created equal, so what are some high-level Log Collection and Reporting requirements that apply to Log Management solutions?

Log Collection

A sound Log Management solution needs to be flexible enough to collect logs from a wide variety of log sources, including b... (more)

Why Rule-Based Log Correlation Is Almost a Good Idea... Part 4

We saw what typically happens when trying to use static rule-based log correlation to perform real-time incident management: combinatorial explosion and lack of scalability. How do you automate non-deterministic attacks in a few discrete steps?

Today, we'll look at more scenarios for which static rule-based log correlation doesn't make sense.

Attack Scenario Example 2: Brute Force Attack

Let's look at another example scenario: Brute Force Attack.

- A user tries to log in to his account
- He fails many times in a row and then finally succeeds
- Then "probably" a successful Brute ... (more)

From Data to Information to Knowledge to Intelligence

The answer is Logs. Logs are the only metadata that exists today that:

- Is widely available
- Is 100% collectable
- Is 100% storable
- On which we can run intelligent reports
- Allows us to understand the kinetic aspects of this ever-changing data

For example, logs allow us to understand whether a piece of data has had several versions and iterations and, for each iteration:

- Who created, modified or deleted the data
- When the information was created/modified/deleted
- What device was used for the creation/modification/deletion
- Whether that creation/modification/deletion was authorized

It even gives us some cont... (more)

Log for Better Clouds - Part 8: Cloud Portability

Cloud Portability. (In the context of Logs of course!!)

So the honeymoon is over. The Cloud Provider that you so carefully selected is not performing like you expected and you are eying the competition. You might even be considering re-insourcing back some of your IT services. So what happens to all the logs? As a customer, can you Trust that your Provider(s) will not let you down and mess with your logs?

Well, first off, whose logs are they? Are they the Provider's logs because they are logs generated by their physical equipment, or are these your logs because they trace your... (more)