• The activity, health, status, and anomalies of these endpoints and systems are time-stamped and delivered to some repository, usually a syslog, a security information and event management (SIEM) tool, or some managed security service provider’s (MSSP) archive in the cloud. The vast majority of these log records will never be reviewed or needed; for many organizations, they’re simply checking a box by archiving log data to comply with state, federal, and international laws.
