Yes, Log360 enables organizations to define custom log retention and archiving policies. This ensures that logs are stored for the specific duration mandated by the ECC and CSCC frameworks in an encrypted and hashed format.
The National Cybersecurity Authority (NCA) in Saudi Arabia established the Essential Cybersecurity Controls (ECC) and the Critical Systems Cybersecurity Controls (CSCC) to define the minimum cybersecurity requirements for entities within the Kingdom. These frameworks aim to protect national security, critical infrastructure, and government services. By adhering to NCA mandates, organizations ensure a robust defense against cyberthreats through four main pillars: cybersecurity governance, defense, resilience, and third-party/cloud security.
NCA ECC mandates the secure generation and collection of logs across all information assets. Log360 provides a centralized SIEM engine that ingests logs from servers, databases, and network devices to deliver 24/7 visibility into your security posture so you can detect unauthorized activities instantly.
NCA’s defense requirements mandate robust detection processes so that organizations can proactively identify anomalous behavior. Log360 features over 2,000 out-of-the-box threat detection rules and a correlation engine that identifies complex attack vectors, such as lateral movement and ransomware execution, in real time.
The privileged access auditing and identity governance of the NCA requires strict control over administrative and privileged accounts. Log360 monitors all privileged user activities, including MFA bypass attempts and unauthorized access to critical systems, ensuring the principle of least privilege is maintained.
The NCA mandates a structured response and investigation to ensure forensic readiness and incident analysis in the event of a breach. Log360 maintains an immutable audit trail with cryptographic hashing, enabling forensic investigators to conduct root cause analysis and reconstruct the timeline of an incident.
For entities operating within Saudi Arabia, failing to adhere to the National Cybersecurity Authority’s mandates can result in serious consequences.
ManageEngine Log360 provides an integrated SIEM solution that helps organizations align with the rigorous standards of the ECC and CSCC frameworks. From automated log retention to sophisticated behavioral analytics, Log360 ensures your entity meets the technical requirements of the NCA. Explore the complete capability mapping below:
Explore the complete capability mapping below:
| Standard code | Requirement description | How Log360 can help |
|---|---|---|
| ECC-1-1 | Cybersecurity governance | Provides executive-level dashboards and compliance reports that enable management to oversee the cybersecurity posture and maturity of the organization. |
| ECC-2-1 | Information assets management | Automatically discovers hardware and software assets across the network, maintaining a comprehensive and up-to-date asset inventory. |
| ECC-2-2 | Identity and access management | Audits all authentication events, monitors MFA logs, and tracks changes to access permissions to prevent unauthorized access. |
| ECC-2-10 | Logging and monitoring | Serves as the technical engine for centralized log management, ensuring that logs are securely collected, stored, and analyzed for 24/7 monitoring. |
| ECC-2-11 | Cybersecurity incident management | Automatically converts detected threats into incidents and provides an integrated console for incident tracking, assignment, and remediation. |
| ECC-2-12 | Application security | Monitors application logs for anomalous behavior and unauthorized access attempts, ensuring the security of critical business applications. |
| ECC-3-1 | Cybersecurity resilience | Maintains an immutable audit trail with cryptographic hashing to support root cause analysis and forensic investigations during recovery. |
| CSCC-2-2 | Privileged access management | Provides specialized auditing for privileged accounts on critical systems, alerting the SOC to any unauthorized administrative actions. |
Log360 streamlines your NCA compliance process by automating data collection, speeding up audits, reducing manual errors, and maintaining continuous security compliance effortlessly.
Monitor your compliance posture in real time. Log360 correlates logs from users, systems, and network devices to uncover hidden patterns that may indicate compliance gap or security threats, making it easier to demonstrate compliance to auditors.
Learn moreReceive instant alerts whenever compliance violations occur in your network. Log360 continuously scans your environment in real time to detect and notify you of potential breaches, helping you mitigate risks before they escalate into penalties.
Learn moreYes, Log360 enables organizations to define custom log retention and archiving policies. This ensures that logs are stored for the specific duration mandated by the ECC and CSCC frameworks in an encrypted and hashed format.
Absolutely. Log360 provides prebuilt audit reports for access control, system changes, and incident response. These reports provide the verifiable evidence required by auditors to prove compliance with NCA controls.
Log360 monitors critical systems in real time using UEBA and advanced correlation. It identifies zero-day threats and insider risks that could compromise critical infrastructure, allowing for instant containment through automated response playbooks.
Our solutions undergo rigorous third-party audits to ensure compliance with the same global security and privacy standards we help you achieve.
Explore how Log360 can unify your security analytics, reduce noise, and provide clear, actionable insights.