The Information Security Regulation (ISR) proposed by the Dubai Government comprises a set of information security standards that government entities in Dubai need to adopt. It aims to incorporate information security best practices in government entities to minimize data security risks and prevent potential data breach incidents. It lists 13 information security domains that fall under three classes, namely governance, operation, and assurance. The domains reflect the key processes in information security and are further classified into actionable controls and sub controls.
Log360 helps you ensure compliance with the controls and sub controls in the operation class domains that involve risk analysis and prioritization, information security incident reporting and escalation, monitoring user access to network devices and applications, and tracking activities in the cloud.
Log360 provides predefined alert profiles and also allows you to create custom alert profiles to flag security incidents. The alerts can be triaged by severity as attention, trouble, or critical alerts. The alert profiles include automated incident workflows which, when enabled, execute certain actions to keep the incident from progressing. You can enable the predefined workflows or create custom workflows to mitigate the attack.
As a comprehensive SIEM solution, Log360 collects security information logs from various endpoints, network devices, applications, and cloud resources. It then audits these logs in real-time for malicious activities like unauthorized logon and logoff events, unauthorized access, permission changes, configuration changes, and sensitive file modifications to generate audit reports. This helps you proactively identify and analyze security incidents and prevent potential breaches in the network.
The correlation engine in Log360 enables you to identify attack patterns, that is, sequences of actions that lead to a security breach. It includes a set of predefined correlation rules for user-based threats, file integrity threats, ransomware attacks, and potential system threats, along with correlation alert profiles that can be enabled to flag these threats as and when they occur. The custom correlation builder allows you to create correlation rules specific to information security regulations based on user access, network access, and application access to ensure compliance with the ISR.
ISR requirement | Log360 reports |
---|---|
Sub control – 5.2.1 User access control | |
Sub control – 5.2.2 Network access control | |
Sub control – 5.2.3 Operating system access control | |
Sub control – 5.2.4 Application access control | |
Sub control – 5.2.5 Remote access security | |
Sub control – 13.2.6 Compliance and Monitoring | |