Cyber-attacks seem to be everywhere in the news these days. Some of the scariest attacks are those that fall under that Advanced Persistent Threat (APT) category. APT threats are especially scary because they work well for the attacker and are almost never caught by traditional SIEM solutions.
In Verizon’s 2012 DATA BREACH INVESTIGATIONS REPORT, they found that less than 8% of breaches analyzed were detected by event log auditing; most were found by law enforcement or an outside entity. Verizon’s conclusion was that SIEM based log monitoring solutions are simply not enough primarily due to complexity and cost.
Over the past several years, there has been a slow realization that event log monitoring is inadequate primarily due to log complexity and gaps in the log data itself. Unlike SIEM solutions, more modern change auditing solutions (such as NetWrix’s Change Reporter) do not rely on event data alone. These solutions use event data in association with other information such as current state details to provide a clear picture of what is happening to operationally critical IT systems.
NetWrix AuditAssurance™ technology can be deployed independantly or alongside your existing SIEM solution to have provide better visibility over critical IT systems. If you are interested in seeing just how simply NetWrix makes auditing you can try it for free.