Log Architecture Assessment

With a Talos Log Architecture Assessment, Cisco Talos Incident Response (Talos IR) will shine a spotlight on any logging gaps within your entire security environment. We’ll also give you actionable recommendations to configure your logs to collect threat data according to best practice.

Overview

Logs are fundamental to strengthening an organization’s digital defenses, yet they are generated by many sources, including security software, workstations, servers, anti-virus software, EDRs, firewalls, intrusion detection, intrusion prevention and networking equipment.

Many organizations face challenges in collecting, reviewing and managing the logs from disparate sources. In addition, some of your logs may still use default security settings, creating visibility gaps. This is where Talos IR can help. Better logs mean better intelligence, better decisions, and better response times.

Benefits

  • Holistic review of current log configurations, policies, maintenance and management.
  • Targeted analysis of current logging architecture by Talos IR experts in collaboration with your team.
  • Actionable recommendations from Talos IR to enable more detailed logging procedures.

Areas of Analysis

  • Policies and processes: Basic information about your environment and logging policies.
  • Servers and workstations: Operating systems in use and applications.
  • Network infrastructure and perimeter security tools: Email gateways, firewalls, VPN solutions, etc.
  • Cloud: IaaS, SaaS, and any other cloud-based assets.
  • Monitoring and orchestration: Understanding your SIEM and SOAR configurations.

Security expertise at your fingertips

When you partner with Cisco Talos IR experts, you ensure your organization takes full advantage of Cisco’s world-class security threat intelligence and experience. We will work closely with you to become a trusted advisor and partner – helping ensure you have access to information and insights you need to be prepared for what’s now and what’s next.

Next Steps

Contact us:

IncidentResponse@cisco.com

Or contact your dedicated Cisco sales representative.

Fortify Your Security Resilience

For questions regarding our Talos IR retainer subscription or to sign up: