Good morning,

As part of a security requirement, I'm trying to find information to
address the issue of ensuring confidentiality of logs stored in
Sentinel. Basically, the requirement states that the log management
system should employ cryptographic mechanisms to encrypt data stored on
secondary devices, such as disk drives or tapes. Technically, this is
referring to data at rest, which I wouldn't really classify Sentinel's
secondary storage as, but I was wondering if there is any encryption
available for this stored data. For instance, does Sentinel offer the
ability to encrypt it so we can ensure confidentially of this data when
it is backed up? There are other mitigating factors in place, such as
physical security, separation of duties, and various access controls,
and I know Sentinel verifies the integrity of the events by hashing the
raw data, but I wanted to check on the confidentiality portion of the
stored data. Does anyone have any insight on this?

Thank you.

tyl3r32's Profile:
View this thread: