Spooks leave no log unturned in hunt for attackers

Powered by SC Magazine
 

Defence looks for reporting software to respond swiftly to attack.

The Defence department has issued a request for information on a cyber event management and reporting system for the cyber security operations centre of the Defence Signals Directorate.

It was a step towards buying such a system and asked participants to nominate suitable solutions, express their benefits and the proximate costs of their implementation.

In the document, the Defence Intelligence and Security Group said solutions must handle "substantial data rates" and allow operators to "view all reported or detected cyber events".

The system must be flexible to handle known formats and those yet to be conceived, "ingest" system logs, accept manual data entry and spit out the results such that it could be analysed.

The specification called for a system that enabled the formation of taskforces to work on a problem, "create new tasks relating to cyber events, assign tasks to staff or teams and link tasks to a workflow", the document said.

The successful solution will hold all its data for long periods of time and will work with other "knowledgebases" to enable staff to search across repositories and create statistical models of the data.

And the solution will work on commodity hardware and be future-proof to support "evolving business processes and the addition of new custom analytic tools".

Copyright © iTnews.com.au . All rights reserved.


Spooks leave no log unturned in hunt for attackers
 
 
 
Top Stories
Westpac committed to core banking plan
[Blog post] Now with leadership.
 
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
 
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1156

Vote