There are a number of companies doing log analysis in 'the cloud' - What do people think of the security implications of this?
Your logs that are uploaded are generally inside some sort of private container, however there have been a number of high profile security concerns. This includes holes in regular open-source software as well as lax security by companies providing cloud services.
If you're uploading security logs to a remote system, and that system is compromised, you're essentially giving a blueprint for how to get into your network for those who now have your logs.
What's the best strategy for this? I have a few, each with advantages and disadvantages:
Each of these has advantages and disadvantages and I'm eager to see what others feel.