By Dan Cornell
A recording of the presentation is online:
And the (full) slide deck is online:
This is an area where we see a lot of organizations fall down. The logging developers put into their applications is geared toward solving developer problems such as "what is the current internal state of the system so I can debug this problem?" They often fail to capture the kind of information security operations analysts need to know such as "does it look like the application is under attack and, if so, from where?" Check out the recording to see some of John Dickson's suggestions on how to bridge this gap.
Contact us to talk more about listening to what your applications are trying to tell you.
dan _at_ denimgroup.com