Syndicated Blog

Security Balance
Augusto Paes de Barros blog on many things cybersecurity.

Risk or Threat Oriented Security: Which Path Should We Choose?

Lately, I've been engaged in various discussions about what should drive our security efforts: risk or threats. It's an interesting debate, and today I want to explore it with you in a ...

Cybersecurity Is Not A Pair Of Sneakers

"Just do it" does not work for cybersecurity. I've seen many comparisons with very complex things we've managed to accomplish. Man on the Moon, robots on Mars, etc. "We've managed to do all ...

Professional Certifications, Reboot!

Two months and a few hundred dollars later, my most recent personal project is completed. 10 years after my TOGAF9 certification, I decided to play the test taker again and obtain ...

The Bright Future of Cloud SIEM

TL;DR: People keep questioning SIEM value, but cloud SIEM makes SIEM so much better. SIEM is now capable of delivering a lot of security value with far less effort from security teams. The ...

Some additional words on those SOC robots

The topic of SOC automation is really a fun one to think about, and even after putting my thoughts into words with my last post, I've still kept thinking about it. Some ...

The Robots Are Coming!

The debate around SOC automation has been a fun one to follow. Allie Mellen wrote a short but spot-on piece about it, reaffirming what seems to be the commonsense opinion on this topic today: Automation is good, but ...

An Analysis of Past Mistakes

As I was looking for an old email in my archives, I stumbled on discussions about a security incident that happened almost 13 years ago. That was that time when, well, there's ...

Monitoring and Vulnerability Management

(Cross posted from the Securonix Blog) Vulnerability management is one of the most basic security hygiene practices organizations must have in place to avoid being hacked. However, even being a primary security control ...

DDLC – Detection Development Life Cycle

SIEM, threat detection
Dr. Chuvakin has recently delivered another great blog post about "detection as code". I was glad to read it because it was the typical discussion we used to have in our brainstorming conversations ...

NG SIEM?

SIEM
An interesting result from changing jobs is seeing how people interpret your decision and how they view the company you’re moving to. I was happy to hear good feedback from many people ...