Back to Basics: Indispensable Security Processes for Detection and Response

For our new research project focused on starting your detection and response effort, we are thinking about an essential bundle of security operations processes needed for such effort. Sort of “security operations processes you must get right in the beginning” inspired by what is done here for all security processes. So, let’s start (and keep
Read more

Monthly Blog Round-Up – January 2018

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts based on lastmonth’s visitor data  (excluding other monthly or annual round-ups):“New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports ; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases. Finally, see our 2016 research on developing security monitoring use cases here – and we just UPDATED IT FOR 2018.“Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009 (oh, wow, ancient history!). Is it relevant now? You be the judge.  Succeeding with SIEM requires a lot of work, whether you paid for the software, or not. BTW, this post has an amazing “staying power” that is hard to explain – I suspect it has to do with people wanting “free stuff” and googling for “open source SIEM” …  Again, my classic PCI DSS Log...
Read more
Page 1 of 812345...Last »