Tag: syslog-ng

The Case Against SIEMs

When many companies think about log management, they immediately jump to SIEMs, or Security Information and Event Managers. You’ll also find many in the infosec community who jump to the conclusion that a SIEM is the right solution for the

Posted in Intrusion Detection, Log Analysis, Log Management

Using OSSEC for Encrypted Log Transport

Here’s a little secret that the sales guys of the million-dollar SIEMs are probably going to gloss over. Most of them do not offer a way to encrypt logs in transit end-to-end. Worse, many of them use downright silly methods

Posted in Encryption, Intrusion Detection, Log Analysis, Secure Design