Hey, it is 2023, let’s debate SIEM again! Debate SIEM? In 2023? This is so 1997! Or perhaps 2017. Anyhow, Security Information and Event Management (SIEM) is a growing $4+B market that is proving remarkably resilient, and, actually, interesting again. Let’s start with an obligatory AI response: Let’s proceed with…

This post continues the discussion started in “Use Cloud Securely? What Does This Even Mean?!” and focuses on an area that should be easy for every purported security professional — defense in depth. So, before reading further, ask yourself two questions: Do you understand the concept of “defense in depth”…

Great blog posts are sometimes hard to find (especially on Medium), so I decided to do a periodic list blog with my favorite posts of the past quarter or so. Here is the next one. The posts below are ranked by lifetime views. This covers both Anton on Security and…

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our fifth Threat Horizons Report (full version) that we just released (the official blog for #1 report, my unofficial blogs for #2, #3 and #4). My favorite quotes from the report follow below: …

We have been running our Cloud Security Podcast by Google for almost 2 years (TWO YEARS!) and since we are on a break now, I wanted to reflect a bit, while Tim is relaxing on a beach somewhere warm and “hammy” 🙂 So, we aired 102 episodes, but what was…

In recent weeks, I did two fun webinars related to Security Operations, and there was a lot of fun Q&A. The questions below are sometimes slighting edited for clarity, typos, etc. For extra fun, I had ChatGPT answer some of them, to see if it can replace me :-) So…

This quick blog is essentially a summary of our (joint with Marshall from Mandiant) Google Cloud Next 2022 conference presentation (video) and a pointer to a just-released podcast on the same topic — security incident response (IR) in public cloud. In our Next presentation, we only had 18.5 minutes to…

As we discussed in our blogs, “Achieving Autonomic Security Operations: Reducing toil”, “Achieving Autonomic Security Operations: Automation as a Force Multiplier,” “Achieving Autonomic Security Operations: Why metrics matter (but not how you think)”, and the latest “More SRE Lessons for SOC: Release Engineering Ideas” your Security Operations Center (SOC) can…

An influential Gartner paper stated many years ago that “Clouds Are Secure: Are You Using Them Securely?” So began the legend of cloud security vs secure clouds. When I was an analyst, we sometimes had to discuss with clients whether various providers of public cloud services are “secure.” Over time…