This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator.
Medium frowns at re-/cross-posting, so this should work:
So, if you are too busy to read our amazing (duh!) new blog “Revisiting Traditional Security Advice for Modern Threats”, here are the key ideas from it.
Great blog posts are sometimes hard to find (especially on Medium), so I decided to do a periodic list blog with my favorite posts of the past quarter or so.
I recently did this fun SANS webinar titled “Anton Chuvakin Discusses “20 Years of SIEM — What’s Next?”” (the seemingly self-centered title was suggested by CardinalOps, who organized the webinar). As is common for SANS webinars, we got a lot of great questions that I feel…
As we discussed in “Achieving Autonomic Security Operations: Reducing toil” (or its early…
My admittedly epic (but dated) post “Security Correlation Then and Now: A Sad Truth About SIEM” mentioned the issue of TRUST as it applies to SIEM. Specifically, as a bit of a throwaway comment, I said “people write stupid string-matching and regex-based content because they trust it…