
RSA 2025: AI’s Promise vs. Security’s Past — A Reality Check
Ah, RSA. That yearly theater (Carnival? Circus? Orgy? Got any better synonyms, Gemini?) of 44,000 people vaguely (hi salespeople!) related to cybersecurity … where the air is thick with buzzwords and the vendor halls echo with promises of a massive revolution — every year. ...

Anton’s Security Blog Quarterly Q1 2025
Amazingly, Medium has fixed the stats so my blog/podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast (subscribe). Top 10 posts with the most lifetime views (excluding paper announcement blogs, Medium posts only): Security ...

The Return of the Baby ASO: Why SOCs Still Suck?
“Flickering screens, a sickly, yellow glow. Humming servers, a constant, low thrum of digital malaise. Alerts screamed into the void, a cacophony of meaningless noise, lost in the echoing expanse of our digital tomb. Playbooks, relics of a forgotten war, their pages yellowed and brittle, offered no solace, only a ...

A Fair Weather SOC: 5 Signs It’s Time to Panic (and Fix It!)
Do you have a fair-weather friend? Or two? OK, do you also have a fair-weather SOC? This train of thought was inspired by reading pilot forums about how some training approaches lead to “fair weather pilots” who perform well in all cases except real emergencies. Anyhow, ...

15+ Years of Loading Threat Intel into SIEM: Why Does This Still Suck?
Unfortunately, I am old enough to remember how SIEM was done before the arrival of threat intelligence feeds. We had to write broad behavioral (well, “behavioral-ish”, if I am totally honest) rules without relying on any precise knowledge of attacker infrastructure and details of their operations (IF event_type=exploit FOLLOWED BY ...

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security
[written together with Marina Kaganovich, Executive Trust Lead, Office of the CISO @ Google Cloud; originally posted here] In 2024, we shared our insights on how to approach generative AI securely by exploring the fundamentals of this innovative technology, delving into key security terms, and examining the essential policies needed for AI ...

Google Cloud Security Threat Horizons Report #11 Is Out!
This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Threat Horizons Report, #11 (full version) that we just released (the official blog for #1 report, my unofficial blogs for #2, #3, #4, #5, #6, #7, #8, #9 and #10). My favorite quotes ...

A Brief Guide for Dealing with ‘Humanless SOC’ Idiots
My former “colleagues” have written several serious pieces of research about why a SOC without humans will never happen (“Predict 2025: There Will Never Be an Autonomous SOC”, “The “Autonomous SOC” Is A Pipe Dream”, “Stop Trying To Take Humans Out Of Security Operations”). But ...

New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)
After a long, long, long writing effort … eh … break, we are ready with our 5th Deloitte and Google Cloud Future of the SOC paper “Future of SOC: Transform the ‘How’.” As a reminder (and I promise you do need it; it has been years…), the previous 4 papers are: “New Paper: “Future of the ...

Anton’s Security Blog Quarterly Q4 2024
Amazingly, Medium has fixed the stats so my blog/podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast (subscribe). Top 10 posts with the most lifetime views (excluding paper announcement blogs): Security ...