RESOURCES

White papers

VIDEO TUTORIALS WHITE PAPERS WEBINARS CASE STUDIES

Using structured logging for effective log management

In structured logging, each event is represented by an unrestricted set of key-value pairs. This offers a variety of advantages, including simpler parsing, easier format conversion, and more flexible classification and correlation of events, even across diverse log sources. As a counter-example, the BSD syslog format provides only a very restricted set of metadata fields in the header, while any data that is specific to the event or log source, such as username or IP address, appears as a free-form string.

Learn More

The importance of DNS logging for enterprise security

Attackers use DNS to steal data, disrupt services, and carry out other malicious activities. Proactive DNS logging and monitoring helps network administrators quickly detect and respond to these threats. What is DNS? Understanding the Domain Name System The Domain Name System (DNS) provides a hierarchy of names for computers and services on the Internet or other networks. Its most noteworthy function is translating domain names, such as example.com, into IP addresses.

Learn More

Solving log collection challenges with Event Tracing for Windows

Event Tracing for Windows (ETW) logs kernel, application, and other system activity. ETW provides better data and uses fewer resources. By understanding the key characteristics of ETW, system administrators can make well-informed decisions about how to utilize the logs collected via ETW to improve IT Security. About Event Tracing for Windows Event Tracing for Windows is a dynamically enabled kernel-level tracing facility provided by the operating system. It logs kernel, application, and other system events.

Learn More

Industrial Control Systems and SCADA security

Today’s highly automated industries require fast and reliable data transfer. This evolution started the era of industrial Ethernet as a universal communication standard within Operational Technology (OT) environments. Ethernet meets the availability and real-time communication requirements of Industrial Control Systems (ICS) and enables communication with external networks and systems. However, increased connectivity brings numerous threats and vulnerabilities previously unknown to these systems. This white paper provides an overview of ICS, including Supervisory Control And Data Acquisition (SCADA) systems, outlines common threat scenarios, and suggests strategies to meet event log management and passive network monitoring requirements.

Learn More

Optimize log management and cut costs

The process of security logging optimization is an ongoing effort within organizations as data reliability, performance, scaling and TCO associated issues continuously emerge. While these challenges can stem from a number of different sources, it is possible to solve them with a single solution: a focused log collection strategy. This white paper aims to help you develop such a strategy that ensures reliable log analytics and optimized performance while reducing the overall logging stack costs.

Learn More

Security Auditing on Modern Operating Systems

Audit logging is important for maintaining security and investigating incidents, and is required by many cybersecurity standards. Most operating systems have a native auditing system available for this purpose. About security event auditing Auditing systems in modern operating systems collect detailed information about security-related events. The audit or security logs generated by an auditing system facilitate identification of attempted attacks, security policy improvement, security incident investigation, and review by auditors.

Learn More