Blackfort Technology
Blackfort Independent Log Vault
Product

Tamper-Proof Log Retention

Blackfort Independent Log Vault

Tamper-proof, audit-ready log retention — independent of your existing systems and administrators.

Request Product

Logs are the most important source for forensic analysis and compliance evidence. Yet in many environments, administrators can edit or delete logs. The Blackfort Independent Log Vault solves this: logs are stored immutably, cryptographically secured, and managed independently of your existing IT administration.

Core Capabilities

Tamper Resistance

Logs are stored with cryptographic signatures. Any modification after storage is detected and documented — regardless of existing administrator permissions.

Independent Instance

The Log Vault runs as a standalone instance with separate administrative rights. Existing system administrators have no access to Vault administration.

Broad Source Support

Syslog, Windows Event Logs, cloud logs (Azure, AWS, GCP), and application logs are collected centrally and stored securely.

Compliance Reporting

Pre-built compliance reports for NIS2, ISO 27001, DORA, and further standards. Audit-ready evidence at the click of a button.

Typical Use Cases

  • Compliance evidence for ISO 27001 audits
  • Forensic analysis following security incidents
  • Protection against insider attacks (log manipulation)
  • NIS2 and DORA logging requirements
  • Separation of system administration and log management

Request This Product

Interested in Blackfort Independent Log Vault? Talk to us about your requirements and receive a tailored proposal.

Send Request

Regulatory Context

The Independent Log Vault directly addresses requirements from ISO 27001 (Annex A.8.15 – Logging), NIS2 (Art. 21(2) – Recording and documentation), DORA (Art. 12 – ICT logging), and BSI IT-Grundschutz (OPS.1.1.5 – Logging). For regulated industries, tamper-proof log retention independent of IT administration is not optional — it is a measurable audit requirement. Auditors check not only whether logs exist, but whether they are demonstrably unmodified.

Real-World Scenarios

Security incident with manipulated logs

A managed service provider discovers after a security incident that local system logs have been modified — likely by the attacker. Forensic analysis is impossible. With the Independent Log Vault, all logs would be available in a separate, cryptographically secured instance — immutable, even for administrators.

ISO 27001 audit preparation

An IT service provider approaching its first ISO 27001 certification must demonstrate to auditors that logs from the past 12 months are complete and unmodified. Without an independent vault, this evidence cannot be produced reliably. With the Log Vault, the audit export is generated in minutes.

NIS2 compliance for a KRITIS operator

A critical infrastructure operator must demonstrate to the supervisory authority that all security-relevant events are logged and retained in accordance with NIS2 Art. 21(2). The Independent Log Vault provides the required evidence chain — with automatic retention periods per applicable framework.

Frequently Asked Questions

Does the Log Vault replace our existing SIEM?

No — the Log Vault is a dedicated secure retention layer, not a SIEM. It is designed to be fed by your SIEM or log management infrastructure and provides an immutable archive that your SIEM cannot modify. The combination of SIEM (for analysis) and Log Vault (for tamper-proof retention) is the recommended architecture.

Who administers the Log Vault?

Administration is separated from your existing IT administration by design. The Vault has its own administrative credentials managed independently — optionally by Blackfort as managed service, or by a designated internal team with no overlap with system administration.

Which log sources are supported?

Syslog, Windows Event Forwarding, REST API ingestion for cloud logs (Azure Monitor, AWS CloudWatch, GCP Cloud Logging), and direct agent-based collection. Custom integrations for proprietary application logs are available on request.

How long are logs retained?

Retention periods are configurable per log source and compliance requirement. Pre-configured templates for NIS2 (12 months), DORA (5 years for critical events), ISO 27001, and PCI DSS are included. Custom retention policies can be defined for any period.

Related Services

Security Logging & MonitoringBlackfort Privileged Activity ReviewNIS2 Consulting

Kontakt aufnehmen

Ready to strengthen your security?

Find out more about Blackfort Independent Log Vault and how it can improve your security posture.

Get in Touch