Not a SOC FAQ! This is SOC FMD!
Somebody asked me this profound question that (a) I feel needs an answer and that (b) I’ve never answered in the past:If you run a SOC (or an equivalent D&R team), what things ...
The Great Cloud Security Debate: CSP vs. Third-Party Security Tools
Do I go to my Cloud Service Provider (CSP) for cloud security tooling or to a third party vendor?Who will secure my cloud use, a CSP or a focused specialty vendor?Who is my ...
Guide your SOC Leaders to More Engineering Wisdom for Detection(Part 9)
This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator.In this blog (#9 in the series), we will cover a few higher level ...
Learn Modern SOC and D&R Practices Using Autonomic Security Operations (ASO) Principles
Learn Modern SOC and D&R practices for free from Google! Yes, really! That’s the message. Join *hundreds* of others who already signed up!Now, with full details….After some ungodly amount of work, the original ...
Google Cloud Security Threat Horizons Report #10 Is Out!
This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Threat Horizons Report (full version) that we just released (the official blog for ...
Anton’s Security Blog Quarterly Q2 2024
Amazingly, Medium has fixed their stats (so not all is lost) so my blog quarterly is back to life. As before, this covers both Anton on Security and my posts from Google ...
We Love What’s Broken … Yes, This Of Course Means SIEM!
We Love What’s Broken … Yes, This Of Course Means SIEM!SIEM challenges never stopped me from loving this technology, but I am very cognizant of YMMV. Anyhow, CardinalOps released their annual “state of SIEM” ...
No Snow, No Flakes: Pondering Cloud Security Shared Responsibility, Again!
Disclaimer: this blog is very obviously inspired by current events, but it is absolutely not about those events. Meoooow! Lawyercats, stay away! No mice here.Dall-E via Copilot Lawyer Cat, Steampunk VibeSo, I hear ...
Back to Cooking: Detection Engineer vs Detection Consumer, Again?
This is not a blog about the recent upheaval in the magical realm of SIEM. We have a perfectly good podcast / video about it (complete with hi-la-ri-ous XDR jokes, both human ...
RSA (“RSAI”) Conference 2024 Powered by AI with AI on Top — AI Edition (Hey AI, Is This Enough AI?)
RSA (“RSAI”) Conference 2024 Powered by AI with AI on Top — AI Edition (Hey AI, Is This Enough AI?)Where do we have “41,000 attendees, 650 speakers, 600 exhibitors and 400 members of the media” ...
