Tagged in

Detection

Anton on Security
A new start for my security blog. Also see our podcast at bit.ly/CloudSecPodcast

20 Years of SIEM Webinar Q&A

I recently did this fun SANS webinar titled “Anton Chuvakin Discusses “20 Years of SIEM — What’s Next?”” (the seemingly self-centered title was suggested by CardinalOps who organized the webinar). As is common for SANS webinars, we got a lot of great questions that I feel…


Chronicle Detect is Here

A lot of people ask me how Chronicle is doing inside Google Cloud (TLDR: doing well), and I wanted to share some good news. I also wanted to reveal some of our lessons building our threat detection capabilities (that we just released).


Can We Have “Detection as Code”?

One more idea that has been bugging me for years is an idea of “detection as code.” Why is it bugging…


Detection Coverage and Detection-in-Depth

For some time, I’ve also been fascinated with the concept of detection-in-depth and a somewhat related concept of optimal detection coverage.

This fascination was born out of a particular type of analyst inquiry I used to get: if…