Log analysis, or SIEM, is a key weapon in the fight against any cyber-attack. By gathering logs from all devices, including network devices, Unix and Windows servers, applications and databases, and analyzing them for unusual or suspicious activity, the method and source of any attack can be identified, enabling preventative measures to be continually improved.
This is why all security policies place log retention at their core. PCI DSS compliance, for example, requires logs to be gathered and reviewed daily, and retained for at least one year, but all other compliance standards mandate the use of SIEM technology to detect and forensically investigate security incidents: “capture”, “monitor”, “review”, and “retain” log data.
NNT’s complete solution for all Security Information and Event Management (SIEM) requirements provides:-
Security Information and Event Management (SIEM) technology has revolutionized the use of log analysis as a means of identifying the clues and pointers that indicate hacker activity, providing a powerful cyber defense system.