SlideShare a Scribd company logo

Logs in Security and Compliance flare

Download as PPTX, PDF
Z
zilberberg

Organizations aim to enhance visibility, analytics, and cybersecurity to improve compliance and risk management. Effective log data collection and analysis are critical for incident response, auditing, and ensuring accountability during data breaches. A lack of preparedness and robust auditing increases vulnerability to attacks, particularly those targeting compromised user accounts.

Technology
1 of 20
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Log Data Compliance and Security drivers
• I think organisations want to achieve better Visibility Analytics and Cyber Security posture in order to “remain in the game”
Compliance
Logs in Security and Compliance flare
• Risk management and assesment • Audit trail • Forensic • Leak protection • User right management • Separation of duties
Security
• Incident responce/Management • Identify/Analyse/Gather Evidence • Users/Systems Auditing • Forensic • Leak Prevention/protection • Blue/Red • Business enablement • APT
• Security and Compliance activities in an organisation relay on visibility into the organisations systems and data, this activities have strong dependencies on Logged data among other mechanisms used.
Example • DBA • Hard working Individual • HR cleared • Strong technically • Wider access to system than “normal users”
Logs in Security and Compliance flare
• Targeted • Advance Phishing Techniques • Social Eng./Networks • Reconnaissance • InfoSec “Black market”
Logs in Security and Compliance flare
Organisation Facing difficult questions as: • Who AUDIT your DATA? • Are you ready for answering (WhatWhereWhen)? • Do you have a response capability? • Are your people trained ? • What happens WHEN you get compromised?
Logs in Security and Compliance flare
Log = Intelligence Log = Evidence Log = Accountability
http://datalossdb.org/statistics Discover Indicators Of Compromise for your information Crown Jewels.
• Collecting Log information from Systems Applications and Infrastructure provide us with the power of knowledge and the ability to evidence and answer as required.
What's “out there”… ◇ We use native auditing, it meets our needs… ◇ Can’t risk performance degradation or latency… ◇ The database/DATA is locked down, we trust the people who can access it… ◇ Our database/DATA is encrypted… ◇ Its too complex, I would need to dedicate a headcount to manage it. ◇ It’s too expensive… ◇ Too early, only starting to look at such solutions… ◇ We don’t store sensitive data in our network…
• Organisations that are breached tend to be less compliant. • Most attacks against databases involve: • Compromising user accounts or • Running queries within the privileges of the user • Database/Data encryption can’t protect against these attacks • Audit will provide the needed details to investigate a data breach event (internal or external) • If regulated (PCI, SOX…) then an audit trail is REQUIRED.
David Zilberberg Thank You.

More Related Content

PPTX
Sensitive Data Exposure
abodiford
 
PPTX
Database security
MaryamAsghar9
 
PPTX
Database Security Management
Ahsin Yousaf
 
PPTX
Database security
afzaalkhalid1
 
PPT
Database Security
RabiaIftikhar10
 
PPTX
Insider Threat Final Powerpoint Prezi
Kashif Semple
 
PDF
Best Practices for implementing Database Security Comprehensive Database Secu...
Kal BO
 
PPTX
Data Security Explained
Happiest Minds Technologies
 
Sensitive Data Exposure
abodiford
 
Database security
MaryamAsghar9
 
Database Security Management
Ahsin Yousaf
 
Database security
afzaalkhalid1
 
Database Security
RabiaIftikhar10
 
Insider Threat Final Powerpoint Prezi
Kashif Semple
 
Best Practices for implementing Database Security Comprehensive Database Secu...
Kal BO
 
Data Security Explained
Happiest Minds Technologies
 

What's hot (19)

PPTX
DBMS SECURITY
Wasim Raza
 
PPTX
what is data security full ppt
Shahbaz Khan
 
PPTX
Database security
Zubair Rahim
 
PPT
Database security
Prabhat gangwar
 
DOCX
Database Security Concepts | Introduction to Database Security
Raj vardhan
 
PPTX
In data security
adithdev
 
PPT
Lesson10 Database security
Muhammad Sikandar Mustafa
 
DOCX
Data Security
ankita_kashyap
 
PPT
Security Software
bennybigbang
 
PDF
Database Security
Ferdous Pathan
 
PDF
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.
Ravtach Solutions
 
PDF
Data Security
qmsWrapper
 
PPTX
Insider threat kill chain
Tarun Gupta,CRISC CISSP CISM CISA BCCE
 
PPTX
Data security
Tapan Khilar
 
PPT
Database security
CAS
 
PPTX
Database Security And Authentication
Sudeb Das
 
PDF
Chapter 15 incident handling
newbie2019
 
PDF
Brochure Imperva Vormetric
Michelle Guerrero Montalvo
 
PDF
Database security
Murchana Borah
 
DBMS SECURITY
Wasim Raza
 
what is data security full ppt
Shahbaz Khan
 
Database security
Zubair Rahim
 
Database security
Prabhat gangwar
 
Database Security Concepts | Introduction to Database Security
Raj vardhan
 
In data security
adithdev
 
Lesson10 Database security
Muhammad Sikandar Mustafa
 
Data Security
ankita_kashyap
 
Security Software
bennybigbang
 
Database Security
Ferdous Pathan
 
Integrating DLP and the 4 W's is a Must by Uzi Yair - CEO, GTB Technologies Inc.
Ravtach Solutions
 
Data Security
qmsWrapper
 
Insider threat kill chain
Tarun Gupta,CRISC CISSP CISM CISA BCCE
 
Data security
Tapan Khilar
 
Database security
CAS
 
Database Security And Authentication
Sudeb Das
 
Chapter 15 incident handling
newbie2019
 
Brochure Imperva Vormetric
Michelle Guerrero Montalvo
 
Database security
Murchana Borah
 
Ad

Viewers also liked (6)

PDF
Mis 510 cyber analytics project report
Aadil Hussaini
 
PPTX
Log analysis using Logstash,ElasticSearch and Kibana
Avinash Ramineni
 
PDF
From Zero to Hero - Centralized Logging with Logstash & Elasticsearch
Sematext Group, Inc.
 
PPTX
Elk stack
Jilles van Gurp
 
PDF
Logging with Elasticsearch, Logstash & Kibana
Amazee Labs
 
PPTX
Attack monitoring using ElasticSearch Logstash and Kibana
Prajal Kulkarni
 
Mis 510 cyber analytics project report
Aadil Hussaini
 
Log analysis using Logstash,ElasticSearch and Kibana
Avinash Ramineni
 
From Zero to Hero - Centralized Logging with Logstash & Elasticsearch
Sematext Group, Inc.
 
Elk stack
Jilles van Gurp
 
Logging with Elasticsearch, Logstash & Kibana
Amazee Labs
 
Attack monitoring using ElasticSearch Logstash and Kibana
Prajal Kulkarni
 
Ad

Similar to Logs in Security and Compliance flare (20)

PPTX
Aligning Application Security to Compliance
Security Innovation
 
PPTX
Tsc2021 cyber-issues
Ernest Staats
 
PPT
Lecture data classification_and_data_loss_prevention
Nicholas Davis
 
PPT
Lecture Data Classification And Data Loss Prevention
Nicholas Davis
 
PPT
Data Classification And Loss Prevention
Nicholas Davis
 
PDF
2010 za con_stephen_kreusch
Johan Klerk
 
PPTX
Insider threat v3
Lancope, Inc.
 
PDF
The MITRE ATT&CK "Collection" Tactic is Missing Very Important Techniques: D...
MITRE ATT&CK
 
PPTX
Privacies are Coming
Ernest Staats
 
PDF
Data compliance - get it right the first time (Black/White printable PDF)
Peter GEELEN ✔
 
PDF
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
IGN MANTRA
 
PDF
Data compliance - get it right the first time (Full color PDF)
Peter GEELEN ✔
 
PPTX
DSS.LV - Principles Of Data Protection - March2015 By Arturs Filatovs
Andris Soroka
 
PDF
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
Gary Dodson
 
PPT
Data security in the cloud
IBM Security
 
PPTX
Identity and Security in the Cloud
Richard Diver
 
PDF
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
IGN MANTRA
 
PDF
Microsoft Avanced Threat Analytics
Adeo Security
 
PPTX
Privacies are coming
Ernest Staats
 
PPT
Data Protection, Humans and Common Sense
usbcopynotify
 
Aligning Application Security to Compliance
Security Innovation
 
Tsc2021 cyber-issues
Ernest Staats
 
Lecture data classification_and_data_loss_prevention
Nicholas Davis
 
Lecture Data Classification And Data Loss Prevention
Nicholas Davis
 
Data Classification And Loss Prevention
Nicholas Davis
 
2010 za con_stephen_kreusch
Johan Klerk
 
Insider threat v3
Lancope, Inc.
 
The MITRE ATT&CK "Collection" Tactic is Missing Very Important Techniques: D...
MITRE ATT&CK
 
Privacies are Coming
Ernest Staats
 
Data compliance - get it right the first time (Black/White printable PDF)
Peter GEELEN ✔
 
2019-09-11 Workshop incident response n handling honeynet Universitas Indonesia
IGN MANTRA
 
Data compliance - get it right the first time (Full color PDF)
Peter GEELEN ✔
 
DSS.LV - Principles Of Data Protection - March2015 By Arturs Filatovs
Andris Soroka
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
Gary Dodson
 
Data security in the cloud
IBM Security
 
Identity and Security in the Cloud
Richard Diver
 
Workshop incident response n handling-bssn 12 nop 2019-ignmantra
IGN MANTRA
 
Microsoft Avanced Threat Analytics
Adeo Security
 
Privacies are coming
Ernest Staats
 
Data Protection, Humans and Common Sense
usbcopynotify
 

Recently uploaded (20)

PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
A Presentation on Artificial Intelligence
memembruh336
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Cloud computing and distributed systems.
kkkkkhan
 

Logs in Security and Compliance flare

  • 1. Log Data Compliance and Security drivers
  • 2. • I think organisations want to achieve better Visibility Analytics and Cyber Security posture in order to “remain in the game”
  • 5. • Risk management and assesment • Audit trail • Forensic • Leak protection • User right management • Separation of duties
  • 7. • Incident responce/Management • Identify/Analyse/Gather Evidence • Users/Systems Auditing • Forensic • Leak Prevention/protection • Blue/Red • Business enablement • APT
  • 8. • Security and Compliance activities in an organisation relay on visibility into the organisations systems and data, this activities have strong dependencies on Logged data among other mechanisms used.
  • 9. Example • DBA • Hard working Individual • HR cleared • Strong technically • Wider access to system than “normal users”
  • 11. • Targeted • Advance Phishing Techniques • Social Eng./Networks • Reconnaissance • InfoSec “Black market”
  • 13. Organisation Facing difficult questions as: • Who AUDIT your DATA? • Are you ready for answering (WhatWhereWhen)? • Do you have a response capability? • Are your people trained ? • What happens WHEN you get compromised?
  • 15. Log = Intelligence Log = Evidence Log = Accountability
  • 17. • Collecting Log information from Systems Applications and Infrastructure provide us with the power of knowledge and the ability to evidence and answer as required.
  • 18. What's “out there”… ◇ We use native auditing, it meets our needs… ◇ Can’t risk performance degradation or latency… ◇ The database/DATA is locked down, we trust the people who can access it… ◇ Our database/DATA is encrypted… ◇ Its too complex, I would need to dedicate a headcount to manage it. ◇ It’s too expensive… ◇ Too early, only starting to look at such solutions… ◇ We don’t store sensitive data in our network…
  • 19. • Organisations that are breached tend to be less compliant. • Most attacks against databases involve: • Compromising user accounts or • Running queries within the privileges of the user • Database/Data encryption can’t protect against these attacks • Audit will provide the needed details to investigate a data breach event (internal or external) • If regulated (PCI, SOX…) then an audit trail is REQUIRED.

Editor's Notes

  • #15: It is not "if u get compromised". The reality is "when u get compromised"
  • #20: Audit shouldn’t be seen as a burdensome Quarterly/Annual ritual that the organization must endure.