The SANS 8th Annual Log and Event Management Survey Results Revealed!
BETHESDA, Md., April 16, 2012 /PRNewswire-USNewswire/ — The line between log management and security information and event management (SIEM) is starting to blur, according to the SANS 8th annual log management survey of more than 600 IT professionals. In it, 37 percent of respondents report using SIEM systems to analyze and correlate logs.
As they do so, they are experiencing several problems with their log management and SIEM systems: identifying key events from background activity, tracking suspicious behavior, and detecting and preventing advanced persistent threats.
“The data suggest that respondents are having difficulty separating normal traffic from suspicious traffic,” says Jerry Shenk, author of the report for the past eight years. “They need advanced correlation and analysis capabilities to shut out the noise and get the actionable information they need. But first they need to get more familiar with their logs and baseline what is normal.”
Throughout the years, the SANS Management Survey has become a valuable indicator of what the log management, and now the SIEM space, should focus on to meet the demands of today’s busy networks, adds Deb Radcliff, editor of the SANS Analyst Program.
Full survey results, along with an accompanying SANS whitepaper on the findings, will be released during a two-part SANS webcast series on May 1 and 3, 2012 at 1:00 P.M. Eastern Daylight Time. You may register for the webcasts at the SANS webcast portal.
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and by far the largest source for information security training and security certification in the world. In addition to world-class training, SANS offers certification via the ANSI accredited GIAC security certification program. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, newsletters, and it operates the Internet’s early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community. www.sans.org
SOURCE SANS Institute