Posts

Monthly Blog Round-Up – August 2018

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts based on last month’s visitor data  (excluding other monthly or annual round-ups): “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010 – much ancient!) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases. Finally, see our research on developing security monitoring use cases here – and that we updated for 2018 . A lot more SIEM use case discussion is coming, here is a new post for 2018 SIEM use cases. “ Simple Log Review Checklist Released! ” is often at the top of this list – this rapidly aging checklist is still a useful tool for many people. “ On Free Log Management Tools ” (also aged quite a bit by now) is a companion to the checklist ( updated version ) “ Why No Open Source SIEM, EVER? ” contains some...
Post a Comment
Read more

Monthly Blog Round-Up – July 2018

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts based on last month’s visitor data  (excluding other monthly or annual round-ups): “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010 – much ancient!) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases. Finally, see our research on developing security monitoring use cases here – and that we updated for 2018 . A lot more SIEM use case discussion is coming, here is a new post for 2018 SIEM use cases. “ Why No Open Source SIEM, EVER? ” contains some of my SIEM thinking from 2009 (oh, wow, ancient history!). Is it relevant now? You be the judge.  Succeeding with SIEM requires a lot of work, whether you paid for the software, or not. BTW, this post has an amazing “staying power” that is hard to explain – I...
Post a Comment
Read more

Monthly Blog Round-Up – May 2018

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts based on last month’s visitor data  (excluding other monthly or annual round-ups): “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010 – much ancient!) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases. Finally, see our research on developing security monitoring use cases here – and that we UPDATED FOR 2018 . “ Why No Open Source SIEM, EVER? ” contains some of my SIEM thinking from 2009 (oh, wow, ancient history!). Is it relevant now? You be the judge.  Succeeding with SIEM requires a lot of work, whether you paid for the software, or not. BTW, this post has an amazing “staying power” that is hard to explain – I suspect it has to do with people wanting “free stuff” and googling for “open source SIEM ” ...
Post a Comment
Read more

Monthly Blog Round-Up – April 2018

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts based on last month’s visitor data  (excluding other monthly or annual round-ups): “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases. Finally, see our research on developing security monitoring use cases here – and we just UPDATED IT FOR 2018 . “ Simple Log Review Checklist Released! ” is often at the top of this list – this rapidly aging checklist is still a useful tool for many people. “ On Free Log Management Tools ” (also aged quite a bit by now) is a companion to the checklist ( updated version ) “ Updated With Community Feedback SANS Top 7 Essential Log Reports DRAFT2 ” is about top log reports project of 2008-2013, I think these are still very us...
Post a Comment
Read more

Monthly Blog Round-Up – February 2018

It is mildly shocking that I’ve been blogging for 13+ years (my first blog post on this blog was in December 2005, my old blog at O’Reilly predates this by about a year), so let’s spend a moment contemplating this fact. <contemplative pause here :-)> Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts based on last month’s visitor data  (excluding other monthly or annual round-ups): “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases. Finally, see our 2016 research on developing security monitoring use cases here – and we just UPDATED IT FOR 2018 . “ Updated With Community Feedback SANS Top 7 Essential Log Reports DRAFT2 ” is about top log reports project of 2008-2013, I think these are still very ...
Post a Comment
Read more

Monthly Blog Round-Up – January 2018

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts based on last month’s visitor data  (excluding other monthly or annual round-ups): “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases. Finally, see our 2016 research on developing security monitoring use cases here – and we just UPDATED IT FOR 2018 . “ Why No Open Source SIEM, EVER? ” contains some of my SIEM thinking from 2009 (oh, wow, ancient history!). Is it relevant now? You be the judge.  Succeeding with SIEM requires a lot of work, whether you paid for the software, or not. BTW, this post has an amazing “staying power” that is hard to explain – I suspect it has to do with people wanting “free stuff” and googling for “open source SIEM ” …  A...
Post a Comment
Read more

Annual Blog Round-Up – 2017

Here is my annual "Security Warrior" blog round-up of top 10 popular posts in 2017. Note that my current Gartner blog is where you go for my recent blogging ( example ), all of the content below predates 2011 ! “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases. Finally, see our 2016 research on developing security monitoring use cases here ! “ Why No Open Source SIEM, EVER? ” contains some of my SIEM thinking from 2009. Is it relevant now? You be the judge.  Succeeding with SIEM requires a lot of work, whether you paid for the software, or not. “ Simple Log Review Checklist Released! ” is often at the top of this list – the checklist is still a very useful tool for many people. “ On Free Log Management Tools ” is a companion to the check...
Post a Comment
Read more