New event logging, threat detection unveiled by US, allies




SecurityWeek reports that escalating cybersecurity threats have prompted the U.S., Canada, Japan, Korea, Singapore, New Zealand, the UK, and the Netherlands to release joint event logging and threat detection guidance for medium and large organizations. The guidance emphasizes the shared responsibilities of organizations and service providers, as well as the importance of log monitoring and log details in crafting logging policies.

While the guidance recommended the use of structured log formats across systems, organizations have been urged to prioritize the type of events logged and ensure the presence of accurate timestamps, device identifiers, executed commands, autonomous system numbers, and unique event identifiers to better aid in incident response efforts. “Useful event logs enrich a network defender’s ability to assess security events to identify whether they are false positives or true positives. Implementing high-quality logging will aid network defenders in discovering [living-off-the-land] techniques that are designed to appear benign in nature,” said the document.
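
The details the guidance lists can be checked mechanically before logs are relied on in incident response. The following is an added example, not code from the guidance or from SecurityWeek; the JSON-lines layout, the field names (`timestamp`, `device_id`, `event_id`, `command`, `src_asn`) and the sample events are assumptions constructed for illustration.

```python
import json
from datetime import datetime

# Assumed field names; the guidance lists the details to capture, not a schema.
REQUIRED = ("timestamp", "device_id", "event_id", "command", "src_asn")

# Constructed sample events, one JSON object per line.
SAMPLE = """\
{"timestamp": "2024-08-22T03:14:07+00:00", "device_id": "ws-0412", "event_id": "e-1001", "command": "whoami /all", "src_asn": 64512}
{"timestamp": "2024-08-22 03:14:09", "device_id": "ws-0412", "event_id": "e-1002", "command": "ipconfig /all", "src_asn": 64512}
{"timestamp": "2024-08-22T03:14:11+00:00", "device_id": "", "event_id": "e-1002", "command": "tasklist", "src_asn": "unknown"}
not json at all
"""


def audit(lines):
    """Return (line_number, problem) pairs for events that would slow triage."""
    problems, first_seen = [], {}
    for n, raw in enumerate(lines, start=1):
        try:
            event = json.loads(raw)
        except json.JSONDecodeError:
            event = None
        if not isinstance(event, dict):
            problems.append((n, "not a structured JSON object"))
            continue
        for field in REQUIRED:
            if event.get(field) in (None, ""):
                problems.append((n, f"missing {field}"))
        ts = event.get("timestamp")
        if isinstance(ts, str) and ts:
            try:
                # A naive timestamp cannot be correlated across time zones.
                if datetime.fromisoformat(ts).tzinfo is None:
                    problems.append((n, "timestamp has no UTC offset"))
            except ValueError:
                problems.append((n, "timestamp is not ISO 8601"))
        asn = event.get("src_asn")
        if asn not in (None, "") and not (type(asn) is int and 0 < asn < 2**32):
            problems.append((n, "src_asn is not a valid AS number"))
        eid = event.get("event_id")
        if isinstance(eid, str) and eid:
            if eid in first_seen:
                problems.append((n, f"event_id repeats line {first_seen[eid]}"))
            first_seen.setdefault(eid, n)
    return problems


if __name__ == "__main__":
    for line_no, problem in audit(SAMPLE.splitlines()):
        print(f"line {line_no}: {problem}")
```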


