SEARCH RESULTS
 
Showing 1-10 of 87 records
 
Top 11 Reasons to Analyze Your Logs

2008-02-20 16:56:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...analyze them. Why? Here are the reasons: Seen an obscure log message lately? Me too - in fact, everybody has. How do you know what it means (and logs usually do mean something) without analysis? At the very least, you need to bring additional context to know what some logs mean. Logs often measure in gigabytes and soon will in terabytes; log...
 
 
 
 
 
NSA's Domestic Spying

2008-03-26 06:02:18 by schneier in Schneier on Security
 
...analyze the various transactions for suspicious patterns. Then they spit out leads to be explored by counterterrorism programs across the U.S. government, such as the NSA's own Terrorist Surveillance Program, formed to intercept phone calls and emails between the U.S. and overseas without a judge's approval when a link to al Qaeda is...
 
 
 
 
 
Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
...analyze issues found Stage 6: Identify root cause, fix bugs, rerun failures, analyze coverage data (rinse and repeat How we do file fuzzing There are a number of approaches taken by product teams to meet the SDL file fuzzing requirements. They often include the use of generation and mutation-based fuzzers as well as a combination of multiple...
 
 
 
 
 
More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle
 
...analyze our products, and often share their processes and tools with us, but it's rare to see a top-to-bottom product review released. In California, there was both white and black box testing done by different teams, and we've studied these reports to see the perceptions of development practices from other vendors and results of a different...
 
 
 
 
 
Fun TLR Log Management Questions

2008-03-14 12:04:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...analyzed all this data? Are there products that can process all this data and receive valuable information? A3: Yes, but you need to ask one question first: analyze why (example reasons here)? To discover something "interesting" (my favorite reason)? To find some specific artifact that you need in the logs? Or for some other reason? Before...
 
 
 
 
 
Software Security Metrics and Commentary on "Metrics Framework" Paper

2007-09-17 20:41:00 by Security Retentive in Security Retentive
 
...analyze software metrics in three phases of an application's lifecycle Design Deployment Runtime The paper uses the OWASP top-10 as the basis for measure and comes up with metrics that will tell us how we're doing against it The goal of metrics should be, where possible, to create objective measures of something. Whereas some of the metrics...
 
 
 
 
 
Cross-Device-Type Log Management vs Device-Specific Log Management

2008-06-02 14:38:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...analyzed on one system, neither hundreds, nor several Also, while looking at logging tools, one needs to make a distinction between tools that can collect all sorts of logs but only allow you to analyze one log type at a time (e.g. sawmill) vs tools that can collect all sorts of logs AND allow you to analyze all of them together (e.g....
 
 
 
 
 
11 Signs That Your SIEM Is A Dog or "Raffy, You Killed SIM!"

2008-06-25 14:40:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...analyze the log data we have collected? Of course! Do we have a widest set of log use cases from today's security to tomorrow's regulations? You bet. And, for you Raffy, I'd add "... we also have other data to analyze together with logs." So, can we "reinvent SIEM?" Yes, I think so! It just hasn't been done yet ... For now, just use log...
 
 
 
 
 
Anton Security Tip of the Day #16: Virtually There - Journey Into VMWare ESX Log Analysis

2008-08-25 12:11:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...analyze Successful logins May 30 09:20:42 esx2 su(pam unix)[9405]: session opened for user root by jhonny(uid=1626 This is a classic Linux root login message; you can watch for these by searching VMWare ESX logs for "session AND opened AND user AND root." Notice the user name of the user who switched to root May 30 09:20:34 esx2 sshd(pam...