Anton’s Security Blog Quarterly Q4 2024
Amazingly, Medium has fixed the stats so my blog/podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast (subscribe). Top 10 posts with the most lifetime views (excluding paper announcement blogs): Security ...
Celebrating 200 Episodes of Cloud Security Podcast by Google and Thanks for all the Listens!
https://cloud.withgoogle.com/cloudsecurity/podcast/
A few weeks ago, our podcast turned ! In this case, we are talking about episodes, not years. We (that is, Tim Peacock and myself) definitely feel like we have to say something humorous, pithy, and uniquely insightful about this! Contrary to our previous commemorative blogs, we decided to focus on our ...
Anton’s Alert Fatigue: The Study
Mention “alert fatigue” to a SOC analyst. They would immediately recognize what you are talking about. Now, take your time machine to 2002. Find a SOC analyst (much fewer of those around, to be sure, but there are some!) and ask him about alert fatigue — he would definitely understand what the ...
Get an Untrusted Security Advisor! Have Fun, Reduce Fail!
Many organizations are looking for trusted advisors, and this applies to our beloved domain of cyber/information security. If you look at LinkedIn, many consultants present themselves as trusted advisors to CISOs or their teams. This perhaps implies that nobody wants to hire an untrusted advisor. But if you ...
Anton’s Security Blog Quarterly Q3 2024
Amazingly, Medium has fixed the stats so my blog/podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast (subscribe). Top 7 posts with the most lifetime views (excluding ...
New Office of the CISO Paper: Organizing Security for Digital Transformation
So some of you are thinking “ewwww … another security transformation paper” and this is understandable. A lot of people (and now … a lot of robots too) have written vague, hand-wavy “leadership” papers on how to transform security, include security into digital transformation or move to the cloud (now with GenAI!) ...
Not a SOC FAQ! This is SOC FMD!
Somebody asked me this profound question that (a) I feel needs an answer and that (b) I’ve never answered in the past: If you run a SOC (or an equivalent D&R team), what things should you require (demand, request, ask, beg … depending on the balance of corporate power) of other teams? ...
The Great Cloud Security Debate: CSP vs. Third-Party Security Tools
Do I go to my Cloud Service Provider (CSP) for cloud security tooling or to a third-party vendor? Who will secure my cloud use, a CSP or a focused specialty vendor? Who is my primary cloud security tools provider? This question, asked in many ways, has haunted me since my analyst days, and ...
Guide your SOC Leaders to More Engineering Wisdom for Detection (Part 9)
This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#9 in the series), we will cover a few higher-level elements for moving to detection engineering approaches.
Detection Engineering is Painful — and It Shouldn’t Be (Part 1)
Detection Engineering and SOC ...
Learn Modern SOC and D&R Practices Using Autonomic Security Operations (ASO) Principles
Learn Modern SOC and D&R practices for free from Google! Yes, really! That’s the message. Join *hundreds* of others who already signed up! Now, with full details… After some ungodly amount of work, the original ASO crew (but really Iman!) put together an epic Modern Security Operations training, now launched at Coursera at ...

