NIST releases standards for security logs

"Guide to Security Log Management"

Related Links

The National Institute of Standards and Technology released technical guidelines on how federal agencies should manage security logs. The guidelines cover log generation, transmission, storage, analysis and disposal.

The guidelines, NIST Special Publication 800-92: Guide to Computer Security Log Management, include suggestions for creating a log management policy, prioritizing log files and creating a centralized log management infrastructure to include all hardware, software, networks and media.

The 64-page document notes that agencies must deal with larger quantities, volumes and varieties of security logs. They also must comply with a growing number of legislative requirements such as the Federal Information Security Management Act and the Health Insurance Portability and Accountability Act.

Featured

  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected