Solutionary Minds - Your Information Security Blog Source

Solutionary Updates

Posted by Court Little on Tue, Jul 06, 2010 @ 11:20 AM

We tend to get pretty busy around here. Sometimes, it almost feels like even I have a hard time keeping up with all of the new releases and updates. Almost. To that end, I will be periodically posting new Solutionary news and updates to make sure you, our valued readers and customers, are on the same page.

To start with, here are a bunch of product updates I want to share:

- We have launched a new Visibility Services page for all our clients of the Visibility Service. You can now search, filter and review all your service alerts in a nice graphical interface. This is available via the Services -> Policy Management navigation bar.

- Visibility Service clients also now get a new "Open Services" report in the report generator, giving clients an instant snapshot of their Visibility Service. To find it, go to the Report Generator and select "Open Visibility Alert Summary" in the General section.

- We've added new Log Management audit reports for clients who need Log Management reports for compliance purposes. These reports snapshot the archive record, log date, file size and signature date, and in the next two weeks a signature verification date will be added as well. These reports can be found under General reports in the report generator, titled "Log Archive Report".

- New ActiveGuard Auto ticket rules are in final beta testing and should be ready in the next release! We've listened to those clients wanting this feature, and your wait is coming to an end! All our SIEM clients will be able to receive remote notifications of security events in their environment.

- We're also in final beta testing of our new next-generation vulnerability handling engine. The new engine gives clients much more functionality and more refined control, along with the added benefit of a simpler interface and SOC-integrated PCI lifecycle handling. More on that coming soon!

- And last but not least, we have a super slick Qualys API interface that allows clients to view and manually select which Qualys reports they want to load into the Solutionary ActiveGuard system, for enhanced Threat Intelligence Correlation as well as for use in our own Vulnerability Lifecycle Management system.

Ok. That's enough teasers and updates for now. Have a great week, everyone!

Log Management: Build or Borrow?

Posted by Phoram Mehta on Wed, Jun 16, 2010 @ 10:17 AM

Earlier this month RSA (the Security Division of EMC), with the help of the SANS Institute, released the results of two new research studies on the log management priorities of mid-sized organizations. Even though event correlation and log management solutions by themselves have been receiving much-needed attention lately, it was interesting to learn how organizations rated the reasons for using SIM/SIEM-type solutions when compared to compliance standards and regulations.

Both studies found that security detection and prevention of unauthorized activities was ranked highest as a critical issue. I found this somewhat surprising, since the biggest business drivers and objectives for deploying such solutions seem to be regulatory requirements and compliance. Do you believe that this is true even for your organization? Use the comments section below to discuss.

In my experience working with organizations from the Fortune 100 down to SMBs, detection and prevention are definitely the desired byproducts of such solutions. Whether that really happens or not depends entirely on the implementation strategy. There are two main schools of thought for deploying log management solutions to arrive at this point: in-house or managed.

More often than not, requirements gathering and product selection criteria are instrumental to a successful execution plan. Many organizations still believe that acquiring third-party products to be operated and managed by internal staff is the only way to do it, but this is simply not true. In fact, this is also the main reason why many deployments are used only as a checkmark on compliance audits. There are many companies like Solutionary that offer managed log aggregation and event correlation solutions, where organizations are only responsible for providing some basic rack space and connectivity in their data centers.

Here are a few factors that can help you decide what type of solution fits your organization better:

• Skilled Resources - While it may be more desirable to have the in-house IT staff review the logs and manage the solution, it is not always the most cost-efficient way. Dedicating two or more trained employees to the care and feeding of the log management solution is certainly not possible for every company. Consider staffing this role in a very active operational environment, 24 hours a day, 365 days a year: you can quickly reach a staff requirement of a dozen or more employees.
• Compatibility - Most good solutions available in the market, in-house or managed, support pretty much the same list of systems and devices. The bigger question organizations should ask during the selection process is: how easy (or difficult) is it to add a new log feed for a custom application or a previously unsupported device?
• 24x7x365 Monitoring - If detection and prevention of unauthorized activities is truly one of the goals, then it also helps to ask whether internal staff can support the solution at "all" times; make sure you plan for nights, weekends, and holidays.
• Total cost of ownership - From a business perspective, this is probably the most important measure to help make the decision. Besides the true hardware cost, software costs, license fees and maintenance costs, and the cost of square footage, power and networking, organizations should factor in the administrative, training, and other incidental requirements, such as the cost of creating a custom report for compliance, adding a custom application, etc. (Solutionary also offers an overview of IT security solutions without capital expenditures.)

I'd like to hear stories (successful or otherwise) about log management solutions that you were a part of. Please share some tips or experiences that might help your fellow security professionals make the right choice.