Friday, September 01, 2017

Monthly Blog Round-Up – August 2017

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this
month:
  1. Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009. Is it relevant now? You be cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 judge.  Succeeding with SIEM requires a lot of work, whecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r you paid for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 software, or not. BTW, this post has an amazing “staying power” that is hard to explain – I suspect it has to do with people wanting “free stuff” and googling for “open source SIEM” … 
  2. Simple Log Review Checklist Released!” is often at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 top of this list – this aging checklist is still a very useful tool for many people. “On Free Log Management Tools” (also aged a bit by now) is a companion to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 checklist (updated version)
  3. “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases. Finally, see our 2016 research on developing security monitoring use cases here!
  4. Again, my classic PCI DSS Log Review series is extra popular! The series of 18 posts cover a comprehensive log review approach (OK for PCI DSS 3+ even though it predates it), useful for building log review processes and procedures, whecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r regulatory or not. It is also described in more detail in our Log Management book and mentioned in our PCI book (now in its 4th edition!) – note that this series is mentioned in some PCI Council materials. 
  5. SIEM Resourcing or How Much cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Friggin’ Thing Would REALLY Cost Me?” is a quick framework for assessing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 SIEM project (well, a program, really) costs at an organization (a lot more details on this here in this paper).
In addition, I’d like to draw your attention to a few recent posts from my Gartner blog [which, BTW, now has more than 5X of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 traffic of this blog]: 

Current research on SIEM:
Miscellaneous fun posts:

(see all my published Gartner research here)
Also see my past monthly and annual “Top Popular Blog Posts” – 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016.

Disclaimer: most content at SecurityWarrior blog was written before I joined Gartner on August 1, 2011 and is solely my personal view at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 time of writing. For my current security blogging, go here.

Previous post in this endless series:

Dr Anton Chuvakin