The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
内容由Anton Chuvakin提供。所有播客内容(包括剧集、图形和播客描述)均由 Anton Chuvakin 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal。
Player FM -播客应用
使用Player FM应用程序离线!
使用Player FM应用程序离线!
EP96 Cloud Security Observability for Detection and Response
Manage episode 346978000 series 2892548
内容由Anton Chuvakin提供。所有播客内容(包括剧集、图形和播客描述)均由 Anton Chuvakin 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal。
Guest:
- Jeff Bollinger, Director of Incident Response and Detection Engineering @ Linkedin
Topics:
- Observability sounds cool (please define it for us BTW), but relating it to security has been “hand-wavy” at best. What is your opinion on the relevance of observability data for security use cases? What use cases are those, apart from saving the data for IR just in case?
- How can we best approach observability in the cloud, particularly around network communications, so that we improve security as a result?
- Are there other areas of cloud where observability might be more relevant? Does the massive shift to TLS 1.3 impact this?
- If the Internet is shifting towards an end-user/device centric model with everything as a service (SaaS), how does security monitoring even work anymore?
- Does it mean the end of both endpoint and network eras and the arrival of the application security monitoring era?
- Can we do deep monitoring of complex applications and app clusters for abuse or should we just focus on identity and profiling?
Resources:
- “Instrumenting Modern Application Stack for Detection and Response” (ep34)
- “Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan” by Jeff Bollinger, Brandon Enright, Matthew Valites (book)
- RFC 7258 Pervasive Monitoring Is an Attack
- RFC 8890 Internet is for end users
- “(Re)building Threat Detection and Incident Response at LinkedIn”
- “Martian Chronicles“ by Ray Bradberry (because migrating to cloud is like flying to Mars)
169集单集
Manage episode 346978000 series 2892548
内容由Anton Chuvakin提供。所有播客内容(包括剧集、图形和播客描述)均由 Anton Chuvakin 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal。
Guest:
- Jeff Bollinger, Director of Incident Response and Detection Engineering @ Linkedin
Topics:
- Observability sounds cool (please define it for us BTW), but relating it to security has been “hand-wavy” at best. What is your opinion on the relevance of observability data for security use cases? What use cases are those, apart from saving the data for IR just in case?
- How can we best approach observability in the cloud, particularly around network communications, so that we improve security as a result?
- Are there other areas of cloud where observability might be more relevant? Does the massive shift to TLS 1.3 impact this?
- If the Internet is shifting towards an end-user/device centric model with everything as a service (SaaS), how does security monitoring even work anymore?
- Does it mean the end of both endpoint and network eras and the arrival of the application security monitoring era?
- Can we do deep monitoring of complex applications and app clusters for abuse or should we just focus on identity and profiling?
Resources:
- “Instrumenting Modern Application Stack for Detection and Response” (ep34)
- “Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan” by Jeff Bollinger, Brandon Enright, Matthew Valites (book)
- RFC 7258 Pervasive Monitoring Is an Attack
- RFC 8890 Internet is for end users
- “(Re)building Threat Detection and Incident Response at LinkedIn”
- “Martian Chronicles“ by Ray Bradberry (because migrating to cloud is like flying to Mars)
169集单集
所有剧集
×欢迎使用Player FM
Player FM正在网上搜索高质量的播客,以便您现在享受。它是最好的播客应用程序,适用于安卓、iPhone和网络。注册以跨设备同步订阅。