This section describes the infrastructure details that must be collected to configure the CCF Compliance Automation Suite. LogRhythm has included CCF within the Consolidated Compliance Framework (CCF) approach to help streamline compliance across common control objectives that drive value from SIEM functionality and forensic content. CCF-specific Log Source and Host Lists are used along with restricted-access “profiles” within LogRhythm to ensure that only appropriate audiences can access CCF forensic data from the SIEM. This is discussed in more detail later in this guide.
Keep in mind that the CCF approach uses content from Threat Research modules along with other LogRhythm functionality, including SmartResponses and TrueIdentity, which may require some additional configuration to integrate security and threat functions with the CCF Compliance Automation Suite. This approach also provides a roadmap for maturing the organization’s security and compliance programs. Read more about the Security Intelligence Maturity Model on LogRhythm’s main website.
This guide is divided into the following sections: