Archives for August, 2012
On Nebulous Security Policies
by Anton Chuvakin | August 29, 2012 | 2 Comments
We interrupt our regular programming (on SIEM this quarter) in order to briefly talk about security policy. In particular, about unrealistic, crazy, unimplementable policies that nobody even intends to comply with. The ones even security people themselves violate every day. The ones that users make fun of while violating them. Here are some notable examples: [...]
On SIEM Deployment Evolution
by Anton Chuvakin | August 24, 2012 | Comments Off
Is your SIEM stuck in the past? Is it “mature”? Is it evolving? Is it solving one problem or many? Is it collecting logs or collecting dust? This post continues our journey into SIEM deployment architecture and SIEM operational processes. First, if your SIEM architecture was built in, say, 2003, and it has been solving [...]
Category: logging monitoring security SIEM Tags: security, security monitoring, SIEM
BlackHat 2012 Impressions
by Anton Chuvakin | August 16, 2012 | 3 Comments
(yes, I know my BlackHat 2012 post is woefully late, but such is life) So, BlackHat this year was, as always, pretty exciting, but I found the vendor expo to be especially fun. Unlike some other events, the booths had people who actually knew what they were talking about. In this highlights post, I wanted [...]
Category: conference security Tags: security
On People Running SIEM
by Anton Chuvakin | August 9, 2012 | 8 Comments
As promised, this next post from my SIEM research project is about people. Over the course of my 10+ year (!) experience with SIEM technology, I have come across organizations that assumed that buying and deploying a SIEM tool is all they need to do for security monitoring. I wish I can say that the [...]
Category: logging monitoring security SIEM Tags: security, security monitoring, SIEM
One Year at Gartner!
by Anton Chuvakin | August 2, 2012 | Comments Off
Believe it or not, but I’ve been at Gartner for a year. One whole year! I don’t feel like diving into deep reflections and long contemplations about it, but I wanted to share how it was. During this year, I … learned a lot, and expanded my security knowledge into new areas such as denial [...]
Category: announcement philosophy Tags: