What is PCI Requirement 10.7 and What is an Audit Trail History?

by Randy Bartels / April 12, 2023

PCI Compliance and Audit Trail History

Now that you’ve implemented logging, what do you do with the logs? PCI Requirement 10.7 asks that you retain audit trail history for at least one year, with a minimum of three months immediately available for analysis. A year is the recommended length of time because it may take a few months to notice a compromise. A year’s worth of audit trail history can be…

PCI Requirement 10.6.3 – Follow Up Exceptions and Anomalies Identified During the Review Process

by Randy Bartels / December 20, 2022

Follow Up

Once an organization has completed log review, it must follow up on exceptions and anomalies identified during the review process. The purpose of PCI Requirement 10.6.3 is a little obvious, right? If exceptions and anomalies are not investigated, then what’s the point of the log review process? The follow-up process helps make organizations aware of unauthorized activities occurring in their network. During an assessment, policies and procedures…

PCI Requirement 10.6.2 – Review Logs of All Other System Components Periodically Based on the Organization’s Policies and Risk Management Strategy

by Randy Bartels / December 20, 2022

How to Prioritize Log Review

PCI Requirement 10.6.1 requires daily review of logs of system components that store, process, or transmit cardholder data, logs of all critical system components, and logs of all servers and system components that perform security functions. But what about all other system components? PCI Requirement 10.6.2 addresses this and requires that organizations review logs of all other system components periodically based on the organization’s…

PCI Requirement 10.6.1 – Review the Following Daily: All Security Events, Logs of All System Components, Logs of All Critical System Components, and Logs of All Servers and System Components that Perform Security Functions

by Randy Bartels / December 20, 2022

Daily Review

By reviewing logs daily, organizations can maximize their security efforts and minimize the exposure to potential breaches. PCI Requirement 10.6.1 requires that organizations review the following at least daily: all security events; logs of all system components that store, process, or transmit cardholder data; logs of all critical system components; and logs of all servers and system components that perform security functions. From many breaches that have recently…

PCI Requirement 10.6 – Review Logs and Security Events for All System Components to Identify Anomalies or Suspicious Activity

by Randy Bartels / December 20, 2022

Log Review

Many breaches occur over a period of time before being detected. That’s why it’s not enough for you to just create logs; you also have to create a process for reviewing them. How could you ever spot a pattern of suspicious activity if you don’t review your logs? PCI Requirement 10.6 requires that organizations review logs and security events for all system components to identify anomalies or…