In episode 47 of the Cybersecurity Minute, Robert Wood talks about why organizations should be putting their logs together in a linear dashboard view that aligns with their Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) providers to provide greater context to their tools, enabling investigations to be more effective.
This episode of the Cybersecurity Minute is sponsored by Acceleration Economy’s Digital CIO Summit, taking place April 4-6. Register for the free event here. Tune in to the event to hear from CIO practitioners discuss their modernization and growth strategies.
Highlights
00:28 — Robert acknowledges that organizations may have a variety of logs that they may be running in parallel to SaaS or PaaS suite of tools, including single sign-on (SSO) logs, tenant logs, cloud access security broker (CASB) logs, secure access service edge (SASE) logs, and more.
00:54 — However, even if you’re aggregating all of those logs together, the problem is that they still existing in siloed contexts.
01:04 — If you want to support your managed security service provider (MSSP), for instance, in more efficient investigations and security alerts relative to your mission-critical SaaS solutions, Robert’s recommendation is to “start pulling together those logs, specific to a particular provider into a dashboard view.”
01:26 — By putting them together in a set view, you will be able to view them linearly in a side-by-side context.
01:48 — “It’s going to depend on the context of that tool, in terms of what sort of visibility you get,” Robert adds. By being able to look at these items together, it will increase the amount of context and efficiency that a particular analyst will have when doing an investigation.
Want more cybersecurity insights? Subscribe to the Cybersecurity as a Business Enabler channel:
