Security Balance
Augusto Paes de Barros blog on many things cybersecurity.
Risk or Threat Oriented Security: Which Path Should We Choose?
Lately, I've been engaged in various discussions about what should drive our security efforts: risk or threats. It's an interesting debate, and today I want to explore it with you in a ...
Cybersecurity Is Not A Pair Of Sneakers
"Just do it" does not work for cybersecurity. I've seen many comparisons with very complex things we've managed to accomplish. Man on the Moon, robots on Mars, etc. "We've manged to do all ...
Professional Certifications, Reboot!
After two months and a few hundred dollars later, my most recent personal project is completed. 10 years after my TOGAF9 certification, I decided to play the test taker again and obtain ...
The Bright Future of Cloud SIEM
TL;DR: People keep questioning SIEM value, but cloud SIEM makes SIEM so much better. SIEM is now capable of delivering a lot of security value with far less effort from security teams.The ...
Some additional words on those SOC robots
The topic on SOC automation is really a fun one to think about, and even after putting my thoughts into words with my last post, I've still kept thinking about it. Some ...
The Robots Are Coming!
The debate around SOC automation has been a fun one to follow. Allie Mellen wrote a short but on the spot piece about it, reaffirming what seems to be the commonsense opinion on this topic today: Automation is good, but ...
An Analysis of Past Mistakes
As I was looking for an old email in my archives, I stumbled on discussions about a security incident that happened almost 13 years ago. That was that time when, well, there's ...
Monitoring and Vulnerability Management
(Cross posted from the Securonix Blog)Vulnerability management is one of the most basic security hygiene practices organizations must have in place to avoid being hacked. However, even being a primary security control ...
DDLC – Detection Development Life Cycle
Dr. Chuvakin has recently delivered another great blog post about "detection as code". I was glad to read it because it was the typical discussion we used have in our brainstorming conversations ...
NG SIEM?
An interesting result from changing jobs is seeing how people interpret your decision and how they view the company you’re moving to. I was happy to hear good feedback from many people ...