This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
内容由Anton Chuvakin提供。所有播客内容(包括剧集、图形和播客描述)均由 Anton Chuvakin 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal。
Player FM -播客应用
使用Player FM应用程序离线!
使用Player FM应用程序离线!
EP184 One Week SIEM Migration: Fact or Fiction?
Manage episode 432614867 series 2892548
内容由Anton Chuvakin提供。所有播客内容(包括剧集、图形和播客描述)均由 Anton Chuvakin 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal。
Guest:
- Manan Doshi, Senior Security Engineer @ Etsy
Questions:
- In your experience, what are the biggest challenges organizations face when migrating to a new SIEM platform? How did you solve them?
- Many SIEM projects have problems, but a decent chunk of these problems are not about the tool being broken. How did you decide to migrate? When is it time to go?
- Specifically, how to avoid constant change from product to product, each time blaming the tool for what are essentially process failures?
- How did you handle detection content during migration? Was AI involved?
- How did you test for this: “Which platform will best enable our engineering team to build what we need?”
- Tell us more about the Detection as Code pipeline you use?
- “Completed SIEM migration in a single week!” Is this for real?
Resources:
- Google Cloud Security Summit (August 20, 2024) and “Etsy and the art of SIEM Migration” presentation
- “Ancillary Justice” book
- StreamAlert
- SIEM migration blog (spicy version / vanilla version / long detailed version)
- Can We Have “Detection as Code”?
- Google SecOps
- EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
209集单集
Manage episode 432614867 series 2892548
内容由Anton Chuvakin提供。所有播客内容(包括剧集、图形和播客描述)均由 Anton Chuvakin 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal。
Guest:
- Manan Doshi, Senior Security Engineer @ Etsy
Questions:
- In your experience, what are the biggest challenges organizations face when migrating to a new SIEM platform? How did you solve them?
- Many SIEM projects have problems, but a decent chunk of these problems are not about the tool being broken. How did you decide to migrate? When is it time to go?
- Specifically, how to avoid constant change from product to product, each time blaming the tool for what are essentially process failures?
- How did you handle detection content during migration? Was AI involved?
- How did you test for this: “Which platform will best enable our engineering team to build what we need?”
- Tell us more about the Detection as Code pipeline you use?
- “Completed SIEM migration in a single week!” Is this for real?
Resources:
- Google Cloud Security Summit (August 20, 2024) and “Etsy and the art of SIEM Migration” presentation
- “Ancillary Justice” book
- StreamAlert
- SIEM migration blog (spicy version / vanilla version / long detailed version)
- Can We Have “Detection as Code”?
- Google SecOps
- EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
209集单集
所有剧集
×欢迎使用Player FM
Player FM正在网上搜索高质量的播客,以便您现在享受。它是最好的播客应用程序,适用于安卓、iPhone和网络。注册以跨设备同步订阅。