Security Analytics and Benchmarking Log Aggregation in the Cloud

Abstract

With increase in popularity of Cloud computing, most organizations are moving towards the Cloud. The main concern for these organizations when migrating to the Cloud is securing their data in the Cloud. There are security measures that can be deployed to address the risk the organization faces to the security threats posed within the Cloud. This project illustrates how the problem can be solved using data protection techniques and security analytics of the log data within the Cloud deployment. In PaaS implementation of Cloud, the customer and the Cloud vendor has a shared responsibility model and the project will discuss what customer can do for their responsibility in the areas highlighted above. Data is of paramount importance to any organization and protection of data becomes more complex in a Cloud offering as the storage is located off premise. Like any other environment devices, servers and applications in Cloud produce logs that can be aggregated and analyzed to identify security anomalies. Comparison of various log aggregation tools can give a detailed idea about what tool is better. Two log aggregation tools Splunk and the Elastic stack have been compared in this project. A combination of the above described strategies can address and point on various security risks, and help reduce the risk of the organization to a significant degree.