Log Management & SIEM

Collecting, analyzing and storing logs produced by information systems to ensure maximum security and reduce threat detection times.

A Log Management system registers, stores and manages the Logs produced by the information systems, taking into account the main drivers: compliance with regulations and standards, governance, security.

A correct system helps ensure compliance with:

• System administrator (O.J. 300, 24/12/2008);
• Public Administrations (O.J. 179, 4/8/2015);
• Health Dossier (O.J. 164, 17/7/2015).

The collection of logs is essential for an organization that wants to:

The log management activity is closely related to the SIEM concept.

A Security Information and Event Management (SIEM) system provides:

• Security Information Management (SIM) that deals with log Management, analysis and report production activities;
• Security Event Management (SEM) that deals with real-time monitoring of events that occur on the network, on security devices, on systems or applications.

A Security Information and Event Management (SIEM) system allow you to collect computer logs and analyze them in order to obtain security instructions. SIEM, together with an adequate structuring of business processes, is indispensable today to guarantee the safety of personal infrastructures; reduces the risk of data breach.

A SIEM must:

• perform a real-time analysis of data or statistics related to IT security;
• detect targeted attacks and data breaches in a timely manner;
• collect and retain data in order to make them available in report form.

The choice of the most suitable technologies and the experience in the design of SIEM systems allows to:

• reduce risk and promptly detect threats (or data breaches if they occur)
• increase the level of corporate security;
• maximize return on investment.