This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
but also don’t expect questions… So, in recent weeks, I had a few simultaneous conversations with various people that focused on the quality of threatdetection. Here I’m talking about the quality of the entire detection capability of an organization. A macro-level detection quality, if you would. Have fun with it anyhow!
Popular Episodes by Topic This is simply a post that categorizes our podcast episodes by topic and then by download/listen count. Data security “Data Security in the Cloud“ “Modern Data Security Approaches: Is Cloud More Secure?”
Skills, Not Tiers” “Beware: Clown-grade SOCs Still Abound”” “Revisiting the Visibility Triad for 2020” Top 5 posts with the most Medium fans : “Security Correlation Then and Now: A Sad Truth About SIEM” “Beware: Clown-grade SOCs Still Abound” “Can We Have “Detection as Code”?” “Why Why Is ThreatDetection Hard?” “A
Skills, Not Tiers” “Beware: Clown-grade SOCs Still Abound”” “New Paper: “Future of the SOC: Forces shaping modern security operations”” Top 5 posts with the most Medium fans : “Security Correlation Then and Now: A Sad Truth About SIEM” “Beware: Clown-grade SOCs Still Abound” “Can We Have “Detection as Code”?” “Why
Why Is ThreatDetection Hard?” “A A SOC Tried To DetectThreats in the Cloud … You Won’t Believe What Happened Next” Top 5 Cloud Security Podcast by Google episodes: Episode 1“Confidentially Speaking” Episode 47 “Megatrends, Macro-changes, Microservices, Oh My! Random fun new posts: “Detection as Code?
Skills, Not Tiers” “Beware: Clown-grade SOCs Still Abound”” “New Paper: “Future of the SOC: Forces shaping modern security operations” Top 5 posts with the most Medium fans : “Security Correlation Then and Now: A Sad Truth About SIEM” “Beware: Clown-grade SOCs Still Abound” “Can We Have “Detection as Code”?” “Why Right of SIEM? Get It Right!”
Why Is ThreatDetection Hard?” Changes in 2022 and Beyond in Cloud Security” EP8 Zero Trust: Fast Forward from 2010 to 2021 Now, fun posts by topic. How to think about threatdetection in the cloud” [GCP blog] “Who Does What In Cloud ThreatDetection?” “A What Does This Even Mean?!” “How
Beware: Clown-grade SOCs Still Abound Detection Engineering is Painful — and It Shouldn’t Be (Part 1) [now a 10 post series, not yet finished…] Why is ThreatDetection Hard? Revisiting the Visibility Triad for 2020” “ Beware: Clown-grade SOCs Still Abound ” “Why is ThreatDetection Hard?” “A Use Cloud Securely?
So, in recent weeks, I had a few simultaneous conversations with various people that focused on the quality of threatdetection. Here I’m talking about the quality of the entire detection capability of an organization. A macro-level detection quality, if you would. In the old days (eh … 2010?)
“New Paper: “Future of the SOC: SOC People — Skills, Not Tiers” ” “Revisiting the Visibility Triad for 2020” “A SOC Tried To DetectThreats in the Cloud … You Won’t Believe What Happened Next” “Why is ThreatDetection Hard?” Why Is ThreatDetection Hard?” What Does This Even Mean?!” “How
Can We Have “Detection as Code”?”. Why Is ThreatDetection Hard?”. Security operations / detection & response: “Security Correlation Then and Now: A Sad Truth About SIEM”. “Can Can We Have “Detection as Code”?”. Why is ThreatDetection Hard?”. “A Episode 12 “Threat Models and Cloud Security”.
Why Is ThreatDetection Hard?” Changes in 2022 and Beyond in Cloud Security” EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil Zero Trust: Fast Forward from 2010 to 2021 Now, fun posts by topic. Who Does What In Cloud ThreatDetection?” “A What Does This Even Mean?!” “Who
Why Is ThreatDetection Hard?” “A A SOC Tried To DetectThreats in the Cloud … You Won’t Believe What Happened Next” Top 5 Cloud Security Podcast by Google episodes: Episode 1“Confidentially Speaking” Episode 2 “Data Security in the Cloud” Episode 47 “Megatrends, Macro-changes, Microservices, Oh My! “A
Skills, Not Tiers” Top 5 posts with the most Medium fans : “Security Correlation Then and Now: A Sad Truth About SIEM” “Beware: Clown-grade SOCs Still Abound” “Can We Have “Detection as Code”?” “Why Why Is ThreatDetection Hard?” “New New Paper: “Future of the SOC: SOC People?—?Skills, Skills, Not Tiers” Now, posts by topic.
“Can We Have “Detection as Code”?”. Why Is ThreatDetection Hard?”. “A A SOC Tried To DetectThreats in the Cloud … You Won’t Believe What Happened Next”. Episode 8 “Zero Trust: Fast Forward from 2010 to 2021”. Episode 27 “The Mysteries of Detection Engineering: Revealed!”. Left of SIEM?
Zero Trust: Fast Forward from 2010 to 2021“. The Mysteries of Detection Engineering: Revealed! “. Modern ThreatDetection at Google“. Threatdetection (top 5). The Mysteries of Detection Engineering: Revealed! “. Modern ThreatDetection at Google“. Top 5 overall. Zero trust.
Beware: Clown-grade SOCs Still Abound Detection Engineering is Painful — and It Shouldn’t Be (Part 1) Why is ThreatDetection Hard? Revisiting the Visibility Triad for 2020” “ Beware: Clown-grade SOCs Still Abound ” “Why is ThreatDetection Hard?” “A Does the World Need Cloud Detection and Response (CDR)?” “Use
The evolving landscape of cyber warfare Historical precedents, such as the Stuxnet worm , which targeted and sabotaged Iran's nuclear enrichment facilities in 2010, highlight the devastating potential of cyberattacks on national security.
Role of Context in ThreatDetection”. Can We Have “Detection as Code”?”. Why Is ThreatDetection Hard?”. “A A SOC Tried To DetectThreats in the Cloud … You Won’t Believe What Happened Next”. Episode 8 “Zero Trust: Fast Forward from 2010 to 2021”. Random fun new posts: “Detection as Code?
Ultimately, this is where detection and response money is. A few booths actually had “TDIR” on them which stands for ThreatDetection, Investigation and Response. Finally, the agent debate is still on, perhaps not surprisingly (for deeper runtime detection and response, especially in VMs, what else can you do?).
CrowdStrike consistently earns top rankings in MITRE ATT&CK and MSSP evaluations, validating its effectiveness in real-world threatdetection. KnowBe4 Best for security awareness training Headquarters: Clearwater, Florida Founded: 2010 Annual Revenue: $0.2 Visit CrowdStrike 6. Visit Tenable 9.
“Can We Have “Detection as Code”?”. Why Is ThreatDetection Hard?”. “A A SOC Tried To DetectThreats in the Cloud … You Won’t Believe What Happened Next”. Episode 17 “Modern ThreatDetection at Google”. Episode 8 “Zero Trust: Fast Forward from 2010 to 2021”. Can We Have “Detection as Code”?”.
Why Is ThreatDetection Hard?” Changes in 2022 and Beyond in Cloud Security” EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil Zero Trust: Fast Forward from 2010 to 2021 Now, fun posts by topic. Who Does What In Cloud ThreatDetection?” “A What Does This Even Mean?!” “Who
“Can We Have “Detection as Code”?”. Why Is ThreatDetection Hard?”. “A A SOC Tried To DetectThreats in the Cloud … You Won’t Believe What Happened Next”. Episode 17 “Modern ThreatDetection at Google”. Episode 8 “Zero Trust: Fast Forward from 2010 to 2021”. Can We Have “Detection as Code”?”.
Founded in 2010 by veteran SaaS and DevOps industry leaders, Datadog specializes in optimizing the service-oriented architecture, helping organizations monitor user journeys and explore service relationships. In 2022, the Arizona-based vendor specializes in network performance monitoring and threat analysis with its Observer platform.
Exabeam Fusion is the company’s threatdetection, investigation, and response (TDIR) solution bringing together automated , next-generation SIEM and XDR capabilities. Beyond centralized log management, Exabeam Fusion includes a stack of security features to aid in an era of advanced threats. Exabeam Fusion.
Other features include auditing, activity monitoring, threatdetection, and more. Through acquisitions in the 2000s, SAP launched their database platform, HANA, in 2010. Started in 1995, Trustwave prides itself on their advanced threatdetection and managed security service (MSSP) product offerings.
Ultimately, this is where detection and response money is. A few booths actually had “TDIR” on them which stands for ThreatDetection, Investigation and Response. Finally, the agent debate is still on, perhaps not surprisingly (for deeper runtime detection and response, especially in VMs, what else can you do?).
Gartner played a big role in the development of cloud security terminology, coining the term “Cloud Workload Protection Platform” in 2010 to describe a tool used for safeguarding virtual machines and containers. The performance of cloud workloads may be impacted by monitoring and real-time threatdetection.
He retired as a colonel in 2010. He has 15 years of cybersecurity technical product and program management experience delivering cyber solutions and developing thought leadership across multiple verticals, with a focus on threatdetection, threat exposure management, response/remediation and protection.
As cloud computing upends traditional perimeter models of cybersecurity, new cloud security models have emerged, and CWPP was one of the first to appear back in 2010. Real-time threatdetection, workload visibility, and adaptive security policies are further features of Illumio Core.
Detection Engineering is Painfuland It Shouldnt Be (Part1) Revisiting the Visibility Triad for 2020 (update for 2024 is coming soonBTW!) Beware: Clown-grade SOCs StillAbound Why is ThreatDetection Hard? A SOC Tried To DetectThreats in the Cloud You Wont Believe What HappenedNext Top 10 SIEM Log Sources in Real Life?
for making Tim’s head spin to keep up with him Finally, here are the top 7 episodes of all time by listens, excluding the oldest three: EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil EP8 Zero Trust: Fast Forward from 2010 to 2021 EP47 “Megatrends, Macro-changes, Microservices, Oh My!
According to Richard Bejtlich’s paper on the topic , ‘the United States Air Force coined the phrase ‘advanced persistent threat’ in 2006 because teams working within the service needed a way to communicate with counterparts in the unclassified public world.’ From then on, APT became a heavily used, marketable term.
We organize all of the trending information in your field so you don't have to. Join 28,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content