By Lex van den Berghe LogLogic Customer Evangelist Oldest trick in the book. Put up a sign that says “Free Beer” and it’s guaranteed you’ll catch the attention of the masses. Well, we’re giving something away that’s even better than free beer…how about free money? One thousand dollars to be precise. Every LogLogic customer has a great story to tell and we want to hear yours…and your story could win you a cool grand! Send us your detailed story about how LogLogic helped you overcome a difficult challenge in your IT environment, identify a serious breach, achieve critical regulatory compliance, or save your organization time and money. You all rely on LogLogic every day to keep your companies secure and compliant, and we want to hear about your real-world experiences in the trenches and on the front-lines of your IT environments.

By Lex van den Berghe LogLogic Customer Evangelist   LogLogic’s customers and their stories are the lifeblood of my job, and I never tire of their real-world tales from ‘the trenches.’ Case in point: I recently sat down with a LogLogic customer, one of the largest equity firms in the world, to discuss Sarbanes-Oxley (SOX) and database security. As you can well imagine, companies in financial services are deliciously tempting targets for hackers, so federal regulations like SOX aim to create guidelines that will keep databases secure.

By Sudha Iyer

Its war! The Iranians attacked the Chinese. The Chinese attacked Iran… and Google… and Adobe (and 30 others). The governments of France and Germany warned their citizens against using Internet Explorer in response.

Is our security so poor that we’re just throwing good money after bad? Should we just adopt the Facebook model and assume that everything we do is now public knowledge?

By Andy Morris

Firstly, congratulations to Mike Rothman on joining Securosis.

Now, on to my Verizon post. Mike correctly pointed out that I drank too much over Christmas, and that what I said about being safe was fluffy and careless. In my defense, I was having post-Christmas fun, not submitting a whitepaper, or advising anyone on strategy. I’d just spent 400 words telling people to be vigilant, and not believe Verizon’s roses-round-the-door view of 2010. Plugging my products seemed like too good an opportunity to pass.

And in Verizon’s defense, I doubt the author really meant to sound as cavalier either. After all, Top 10s are just a way of letting off steam after a long year.

By Barbara Rogan, LogLogic General Counsel

Blame the victim.  This was a common defense in sexual assault cases I helped prosecute when I worked as prosecutor.  Unfortunately this mentality applies not just to rape cases, but also to companies where
critical data has been breached – even when the criminals are the ones stealing the data.

By Andy Morris, Log Fan

I read Dimitri's take on the Verizon Top 10 Security Predictions for 2010 and thought I'd take a swing at it myself.

Verizon’s security predictions for 2010 are interesting partly because of their insightfulness, and partly due to their lack of insight. You can read their full list of predictions at here, but if you’ll allow me, let me play scrooge.

1) Services will protect themselves.
No they won’t. What most services will do, is appear to protect themselves. They’ll respond to a few highly publicized events with new user interface options that people won’t use properly, and will give the fake appearance of positive change.

By Lex van den Berghe, LogLogic Customer Evangelist

The Wall Street Journal today broke news with a story detailing an FBI probe into the possible theft of tens of millions of dollars from Citigroup by a Russian gang of cyber-crooks. But what strikes me as odd and controversial isn’t the theft itself or even the growing trend of this kind of crime, but that the report is being disputed as categorically untrue by Citibank, despite the fact that the FBI has a small army of investigators conducting a CSI-style probe into this breach.

What gives? Are we looking at a bit of irresponsible, shoot-from-the-hip reporting by the Wall Street Journal or is it possible that Citi is trying to sweep some potentially embarrassing dirt under their rug? This story is clearly a big deal – I mean, we’re talking about *tens of millions* of dollars…and the FBI has allegedly gotten involved.

By Dimitri McKay, Log Evangelist

Verizon Security recently posted a set of 10 predictions for 2010 on their security blog. I have my own opinions
about their predictions as you'll read below.

To see Verizon’s original
predictions, click here:2010 Security Predictions

Since my posting on public and private clouds, I have been getting email from people asking about the specifics of how LogLogic’s products really participate in “The Cloud”.

LogLogic’s architectural premise is to handle the ingestion of logs from unknown sources, and to have flexibility as to the kinds of devices, logs or target locations. Additionally, we even offer a unique feature allowing automatic identification of log sources. This is where the system can match a stream to a type of log for agile reporting and normalization.

By Guy Churchward, LogLogic CEO

Cloud computing tops Gartner's “Top 10 Strategic
Technologies for 2010.” They define a strategic technology as “one with the
potential for significant impact on the enterprise in the next three years.”
Gartner is somewhat right here. The fundamental problem I have is that the
industry has bucketed anything that can be loosely defined as cloud, virtual,
consolidatory, or anything on the network in the same term being cloud. All
of us loosely interchange public, private and cloud services to our whims which
quite frankly confuses the general public.

By Guy Churchward, LogLogic CEO

Cloud computing tops Gartner's “Top 10 Strategic
Technologies for 2010.” They define a strategic technology as “one with the
potential for significant impact on the enterprise in the next three years.”
Gartner is somewhat right here. The fundamental problem I have is that the
industry has bucketed anything that can be loosely defined as cloud, virtual,
consolidatory, or anything on the network in the same term being cloud. All
of us loosely interchange public, private and cloud services to our whims which
quite frankly confuses the general public.

In the High-Tech industry, the machinations of the US Supreme Court are, at best, fodder for dinner party trivia questions. There is one case on the Supreme Court docket this year that has the potential to change the way intellectual property protected in the United States, and have a major effect on the software companies who rely on the patent process. It could also have a devastating effect on innovation.

By Barbara Rogan, LogLogic General Counsel

While we all wait with baited breath for the decision of the Supreme Court in Bilski v. Kappos, I had a chance to ponder the impact this decision could have on LogLogic and other private technology start-ups.

If the Supremes decide that the Bilski “invention” is in fact patentable subject matter, as in-house counsel for an innovative technology company, I am going to be forced to spend a lot more of my time filing new patents.

Why? LogLogic is an innovative, start-up company and we can’t afford to let another company patent our business processes. Rather than just look at getting patents for our core technology, I would then need to think about getting patents for all our businesses processes – how we handle RMA’s, how we handle technical support calls, etc.

By Barbara Rogan, LogLogic General Counsel

While we all wait with baited breath for the decision of the Supreme Court in Bilski v. Kappos, I had a chance to ponder the impact this decision could have on LogLogic and other private technology start-ups.

If the Supremes decide that the Bilski “invention” is in fact patentable subject matter, as in-house counsel for an innovative technology company, I am going to be forced to spend a lot more of my time filing new patents.

Why? LogLogic is an innovative, start-up company and we can’t afford to let another company patent our business processes. Rather than just looking at getting patents for our core technology, I would then need to think about getting patents for all our businesses processes – how we handle RMA’s, how we handle technical support calls, etc.