SOC Summit 2021 Presentation
Recently I had the opportunity to present to a group of Cyber Security Professionals on the topic of SIEM and SOC. It's a summary of most »
What is the gap between the current CSOC and AI?
Currently there are many cyber security vendors out there that provide solutions that offer "AI" (artificial intelligence) or "ML" (machine learning) without specifying what that actually »
10 Major API Log Collection Challenges for Threat Detection in a Cloud-Native World
TLDR: Here is a summary As the world is rapidly adopting cloud platforms among the world, organization’s dependency on additional SaaS, PaaS and IaaS vendors »
What is your Approach for Building Cyber Threat Use Cases?
In 2014 I'd written an article on the hard question of "Which SIEM use cases has most value/effect for the organization?" during my years in »
On-premise vs. Cloud Native SIEM Comparison: Microsoft Azure Sentinel
On-Premise SIEM vs. Cloud-Native Comparison In recent years there has been a shift within the SIEM landscape with regards of the focus of monitoring not only »
An OODA-driven SOC Strategy using: SIEM, SOAR and EDR
The last few years within the Cyber Security Operations Center (SOC) Domain, several new technologies having been trending that enhance SOC capabilities. In particular I want »
Why a mature SIEM environment is critical for SOAR implementation
With the emergence of SOAR technologies within the Security Operations domain it is clear that this technology has provided great value to departments swamped with tons »
SIEM SPEED Use Case Framework v1.0
What is a Use Case Framework? A Use Case Framework is an analytical tool that has a series of cyber security related distinctions which are translated »