GDPR alarming trends

The 2020 Alarming Trends in GDPR Fines and How to Avoid Them

It’s been almost two years since GDPR came into force. During this period, many huge companies were under the hackers’ radar and they suffered from losing both reputation and financial assets. Companies like British Airways, Marriott, and Google were in the spotlight because they failed to apply the technological measures necessary to protect personal data.  Read more about The 2020 Alarming Trends in GDPR Fines and How to Avoid Them[…]

SentinelTrails Heroku Beta

SentinelTrails Is Now Available On Heroku Beta

The SentinelTrails add-on, LogSentinel’s blockchain-protected, secure audit trail, is now available on Heroku marketplace, starting at $0/mo. Swiftly deploy SentinelTrails add-on using Heroku, and ensure that all your logs, data and documents are protected.  SentinelTrails Features Immutable Evidence The blockchain-based technology does not allow any log manipulation and therefore your logs are kept safe. 24/7 Read more about SentinelTrails Is Now Available On Heroku Beta[…]

Log Collectors - SIEM, Audit Trail, UEBA, Forensics logs

Log Collectors Landscape: SIEM, Log Collectors, UEBA, and Audit Trail

Logs are ubiquitous in IT – they are semi-structured pieces of information about the behavior of a system and its users. Many standards, regulations and best practices assume and require the existence of logs. Consequently, many systems collect those logs and make use of them for various purposes. Too often organizations have just one tool Read more about Log Collectors Landscape: SIEM, Log Collectors, UEBA, and Audit Trail[…]

The Need For A Chief IT Compliance Officer

Most organizations have clearly separated roles for the Chief Compliance Officer and Chief Technical Officer. And this has worked well up until recently, as most standards and regulations had mostly legal and procedural implications and technical input was rarely required. At the same time, the CTO has been responsible for the overall IT infrastructure with Read more about The Need For A Chief IT Compliance Officer[…]

Siem, log integrity and compliance

Does Your SIEM Guarantee Log Integrity? And Does It Make You Compliant?

It is for a good reason that “integrity” is one of the three main aspects of information security. Lack of data integrity can be a serious issue in many cases, as we have already discussed in our post “3 Reasons Not to Ignore Data Integrity”. But many times integrity is an abstract concept that one Read more about Does Your SIEM Guarantee Log Integrity? And Does It Make You Compliant?[…]

protecting SAP SAL

How to Protect Your SAP Audit Logs

Most large enterprises are using SAP’s ERP system. And the larger the enterprise is, the more compliance requirements it has to cover. This means, in part, that it’s vital to have the SAP Security Audit Log enabled, properly configured and properly protected. What is SAP Security Audit Log and How to Turn It On The Read more about How to Protect Your SAP Audit Logs[…]

Non-Repudiation of Logs and Blockchain

Why You Need Non-Repudiation of Logs and How Blockchain Helps

Non-repudiation is a key property in many contexts – it means that the author of some message cannot deny that they produced the message. This property has a particular meaning in the context of audit trail and logs in general. As pointed out by Eric Knapp: Non[-]repudiation refers to the process of ensuring that a Read more about Why You Need Non-Repudiation of Logs and How Blockchain Helps[…]

HIPAA IT REQUIREMENTS MAPPING

How To Cover HIPAA Security Rule Regarding Audit Trail

HIPAA, the US healthcare regulation, has some rigid requirements about data security and privacy. That aligns perfectly with LogSentinel’s mission so we decided to help our customers in their HIPAA compliance efforts by providing a clear mapping between HIPAA requirements and SentinelTrails functionality. # Requirement SentinelTrails Functionality §164.312. Technical safeguards 1. (b) Standard: Audit controls. Read more about How To Cover HIPAA Security Rule Regarding Audit Trail[…]

Log Collection - track what you have never tracked before

Track Events You Have Not Tracked Before

There are a lot of products that allow collecting data, aggregating it and displaying it for security or monitoring purposes. That includes SIEMs (Security information and event management systems), UEBAs (User and entity behavior analytics), log collectors and catch-all multi-purpose data platforms (like Splunk). And when you check what sources of data they support, it Read more about Track Events You Have Not Tracked Before[…]