We were asked to develop a strategy and roadmap for the Logging and Monitoring program at a retail organization.
Working with the organization’s IT management, we delivered the following successfully:
- Scoping for the Logging and Monitoring program
- Detailed plan for how the program would comply with the PCI DSS requirements
- Assistance with the Log Management vendor selection process
- Upon vendor selection, worked with client’s Information security Manager in identifying and implementing appropriate log collection, correlation and reporting/alerting features
- Our ability to “focus on what matters” for security monitoring
- Our expertise and experience with PCI DSS and how to comply with the regulation in a manner that doesn’t lost sight of the “real” security objectives
- Our technical expertise with the disparate source systems (Windows, UNIX, Mainframe, Oracle, Apache, Network. Security devices etc.) and their logging features
- Our people skills and ability to work with a wide range of client personnel with different background and expertise.