So far, 2014 has been a great year for application security intelligence. All the major SIEM providers offered new or additional integrations for LOGbinder. Hundreds more organizations deployed LOGbinder for their SIEM and many of them received significant features and updates from prior versions. We're thrilled with the results and hope you are too!

We are very excited to let you know that IBM Security's QRadar product team produced DSM integrations with all 3 LOGbinder products. This brings Exchange, SharePoint and SQL Server security audit logs to the QRadar-based SOC. In addition to the Device Support Module (DSM) support, LOGbinder has also received LEEF certification. The implications are huge. Now QRadar customers can consume critical security audit logs from their enterprise applications with minimal setup and configuration. LOGbinder collects, translates and delivers the audit information via LEEF-certified output. QRadar consumes that information and allows analysts to easily prioritize and present critical security correlations where, when and to whom it matters most.

To get the IBM Security QRadar DSM Configuration for Exchange, SharePoint and SQL Server, click the following links:

• LOGbinder EX QRadar DSM Configuration
• LOGbinder SP QRadar DSM Configuration
• LOGbinder SQL QRadar DSM Configuration

Curious about what SIEM solutions have solid Exchange, SharePoint and SQL Server security audit capability? More news is coming next month, but the full list is AccelOps, AlertLogic, AlienVault, Blue Lance, EventTracker, GFI EventsManager, IBM Security QRadar, HP ArcSight, LogPoint, LogRhythm, McAfee ESM (formerly Nitro), RSA Security Analytics (formerly enVision), Solarwinds LEM and Splunk.

What's coming with LOGbinder EX

Exchange audit is increasingly critical to security analysts. This means the demands on LOGbinder EX have increased too. Our development team has responded with new features, now in our labs for testing, to help security analysts dial-in on the new pain-points and remove them. Now, directly from the LOGbinder interface, security analysts can configure mailbox audit policy and autofill the PowerShell and Exchange server URL fields. These changes offer more than merely convenience. These new features allow far better mailbox “on-boarding” (and whatever the opposite of that is). And it makes it easier for security analysts to do their job; no more slow dances or hat-in-hand sessions with the Exchange admin(s).

Quick reference guide to security audit resources

This year LOGbinder sponsored Ultimate Windows Security webinars that many of you attended. Thank you! These webinar recordings still pack a punch with great information. So you will have these links in once place, we list them below. (You can still get the recordings. They're free.)

• Application Security Intelligence: The Next Frontier in Security Analytics
• Detecting Information Grabs of Confidential Documents in SharePoint
• Options for Monitoring SQL Server with your SIEM

LOGbinder's core competence is application security audit technology for SIEMs. Not blog writing. But every now and then we fuse the use-case and technical know-how into a blog post. There's some good stuff there:

• SQL Trace to SQL Audit. Discussion and links to more details in a white paper.
• Understanding and Changing Exchange audit poll interval. Exchange takes its own sweet time to return audit results, but you can speed it up.
• SQL Server audit support -- which version makes it available? Lots of organizations need to first determine if the superior SQL Server audit function is available.
• LOGbinder SP and elevated SQL Privileges
• LOGbinder newsletters. Tech tips, product updates, SIEM news, notes from the field.

Thank you for your support. We'll catch up next year.