Log Data
Compliance and Security drivers
• I think organisations want to achieve better Visibility, Analytics and Cyber Security posture in order to “remain in the game”
Compliance
Logs in Security and Compliance flare
• Risk management and assessment
• Audit trail
• Forensic
• Leak protection
• User right management
• Separation of duties
Security
• Incident response/Management
• Identify/Analyse/Gather Evidence
• Users/Systems Auditing
• Forensic
• Leak Prevention/protection
• Blue/Red
• Business enablement
• APT
• Security and Compliance activities in an organisation rely on visibility into the organisation's systems and data; these activities have strong dependencies on logged data, among other mechanisms used.
Example
• DBA
• Hard working Individual
• HR cleared
• Strong technically
• Wider access to system than “normal users”
• Targeted
• Advanced Phishing Techniques
• Social Eng./Networks
• Reconnaissance
• InfoSec “Black market”
Organisations face difficult questions such as:
• Who AUDITS your DATA?
• Are you ready to answer (What/Where/When)?
• Do you have a response capability?
• Are your people trained?
• What happens WHEN you get compromised?
Log = Intelligence
Log = Evidence
Log = Accountability
http://datalossdb.org/statistics
Discover Indicators Of Compromise for your information Crown Jewels.
• Collecting log information from Systems, Applications and Infrastructure provides us with the power of knowledge and the ability to evidence and answer as required.
What's “out there”…
◇ We use native auditing, it meets our needs…
◇ Can’t risk performance degradation or latency…
◇ The database/DATA is locked down, we trust the people who can access it…
◇ Our database/DATA is encrypted…
◇ It’s too complex, I would need to dedicate a headcount to manage it.
◇ It’s too expensive…
◇ Too early, only starting to look at such solutions…
◇ We don’t store sensitive data in our network…
• Organisations that are breached tend to be less compliant.
• Most attacks against databases involve:
• Compromising user accounts or
• Running queries within the privileges of the user
• Database/Data encryption can’t protect against these attacks
• Audit will provide the needed details to investigate a data breach event (internal or external)
• If regulated (PCI, SOX…) then an audit trail is REQUIRED.
David Zilberberg
Thank You.

Editor's Notes

  • #15: It is not "if u get compromised". The reality is "when u get compromised"
  • #20: Audit shouldn’t be seen as a burdensome Quarterly/Annual ritual that the organization must endure.