Central Logging Sanity Checks - Episode 194

Central Logging Sanity Checks - Episode 194

The CU Guys dive into the critical topic of central logging sanity checks. They explore the common pitfalls organizations face when they set up central logging systems and then leave them on autopilot. Adam emphasizes the importance of regular sanity checks to ensure that logging systems are functioning as expected and highlights the risks of assuming everything is working perfectly. The discussion also covers the need for compliance professionals to validate assumptions, spot-check logs, and ensure that alerts are being properly handled. Tune in to learn how to maintain a robust compliance program that truly supports organizational security.

Episode Transcript:

Today, we're going to talk about, you know, another central theme here, not just a central member to a band, but central logging, specifically central logging sanity checks. So a lot of companies that have mature compliance programs set up their central logging and then kind of put it on autopilot. What are the downsides there, Adam?


Well, I mean, I've been for a long time, a huge fan of trust, but verify. And, you know, when the, when the companies go in and, and kind of set up their, their central logging, you know, they, they really do just kind of, okay, we're done, you know, we're done, we've, we've established all the things, you know, we've done all the checks and we've set up the system and we have all the right processes and, you know, we, the, the reviews are happening and alerts are flying and, you know, so then they just, you know, move into this mode where they just literally let her roll and, you know, and then don't tend to go back to it, you know, for, you know, for a recheck or a sanity check or, or whatnot. They just go into the guiding assumption that everything's good because it's up and it's, nothing's gone boom and, you know, blah, blah, blah.


So, you know, the, the, the most important part for, for these organizations is that they, they go back in and, you know, double check, you know, is, is what I think happening, is it actually happening? You know, but, you know, they got, they got to go back in and, and just do a sanity check on, you know, on things. So, you know, that's kind of the, the, the driving force here with the, with this particular topic.


Sure. Now with that in mind, what are some of the concerns that compliance professionals should be focusing on?


Well, I mean, first and foremost, you know, is everything that I think is logging actually logging, you know, is it are things that I set up to, to, you know, to log, are they still logging? Did something go off the rails? Um, it's really, really easy, uh, depending on the system and the, and the structure that's set up, what checks and things that they put in place, it's really easy to, I don't know, I'm just gonna make a number up. So let's just pretend, you know, out of the gate, there were a hundred different things that were, you know, that were sending stuff to central logging. Well, you know, fast forward a couple of months or in a lot of cases, a couple of years, um, you know, the, uh, are the things that we, uh, are those hundred things still, still doing what they're doing?


I mean, you know, there's, there's all sorts of possibilities for something going wrong. You know, you've got, you know, updates or patches that, you know, may go ahead and interfere with the, with the capability for those devices to push their logs. I mean, it could be something as simple as, you know, somebody was messing with a firewall rule to try to do some troubleshooting and, you know, lock down some ports so they could get some things isolated, et cetera. And then forgot to put every, put Humpty Dumpty back together, you know, back together again and blah. And in the process, you know, block the, you know, the outbound logging, you know, capability from, you know, fill in the blank device, that type of thing.

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(223)

Building AI Agents Securely - Episode 223

Building AI Agents Securely - Episode 223

AI agents are driving efficiency, but also introducing serious, often unseen security risks. As adoption accelerates, unvetted access, prompt injection, and poorly controlled environments can expose s...

2 Jul 24min

AI-Powered Attacks: Is Your Compliance Program Already Obsolete? - Episode 222

AI-Powered Attacks: Is Your Compliance Program Already Obsolete? - Episode 222

In an era of evolving AI-driven cyberattacks, traditional compliance programs are falling dangerously behind. Static controls create a false sense of security while attackers leverage AI to move faste...

25 Jun 18min

Compliance Theater: Are You Actually Secure or Just Checking Boxes? - Episode 221

Compliance Theater: Are You Actually Secure or Just Checking Boxes? - Episode 221

Most organizations are just performing compliance – ticking boxes, not building real security. What happens when the curtain is pulled back on these check-the-box programs? You might be under the illu...

18 Jun 20min

Audit Fatigue and How to Effectively Navigate It - Episode 220

Audit Fatigue and How to Effectively Navigate It - Episode 220

Caught in a cycle of audit requests, evidence chaos, and burnout? Discover a way out in this episode. Compliance Expert Adam Goslin joins Todd Coshow to reveal the hidden causes of audit fatigue and s...

11 Jun 21min

Identity is the New Perimeter (Zero Trust) - Episode 219

Identity is the New Perimeter (Zero Trust) - Episode 219

On this week's Compliance Unfiltered, discover why identity is the new perimeter in cybersecurity. This episode reveals how zero trust principles can protect your systems by continuously verifying use...

4 Jun 28min

Regulatory Explosion & Board-Level Accountability - Episode 218

Regulatory Explosion & Board-Level Accountability - Episode 218

Discover why compliance is now a boardroom priority, not just an IT task. In this episode, Todd Coshow and Adam Goslin reveal how outdated practices put organizations at risk. Learn about the shift to...

29 Mai 22min

Will Your Compliance Software Vendor Protect Your Data? - Episode 217

Will Your Compliance Software Vendor Protect Your Data? - Episode 217

Most companies overlook vendor vulnerabilities in compliance. On this episode, the CU Guys reveal hidden risks in vendor relationships, from breaches to vetting gaps. Discover tactics for evaluating v...

21 Mai 21min

Data Has Borders: The New Rules of Compliance - Episode 216

Data Has Borders: The New Rules of Compliance - Episode 216

Data compliance isn't just about protecting information anymore — it's about understanding where your data lives, how it moves, and how to stay compliant across borders. On this Episode of Compliance ...

14 Mai 20min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
tomprat-med-gunnar-tjomlid
shifter
rss-kunstig-intelligens-med-elisabeth-maren-og-morten
teknologi-og-mennesker
smart-forklart
rss-ai-forklart
rss-ki-praten
energi-og-klima
elektropodden
rss-alt-som-gar-pa-strom
hans-petter-og-co
kortslutning
fornybaren
rss-heis
rss-digitaliseringspadden
rss-vippserne
rss-bitcoinpolitisk-institutt-norge