faulker051

This book is probably the most thought-provoking book on security I read in the last 5-7 years! While I'm somewhat known from my proclivity to exaggerate, I assure you this is not an exaggeration. As I was reading it, I felt like I connected to deep layers of the subconsciousness of security industry. In fact, the influence this book already had on me is palpable: I found myself using some of the terms (such as author’s favorites, “intellectual capital” and “CASE”) and concepts on the next day after I started reading it. As a brief summary, the book investigates the evolution of the way we do information security from the “hacker-lead” late 1990s to “compliance-heavy” late 2000s and today. The author also highlights dramatic problems with today's approach to security and suggests some of the solutions in the way people think and operate around security. In fact, it might be one of the most influential books ever written in history of security industry - the one that appeared...

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “ Simple Log Review Checklist Released! ” is often at the top – the checklist is still a very useful tool for many people. “ On Free Log Management Tools ” is a companion to the checklist ( updated version ) “ Why No Open Source SIEM, EVER? ” (and this ) is next – for some weird reason. I suspect a lot of people still crave a free open source SIEM tool. “ On Choosing SIEM ” is about the least wrong way of choosing a SIEM tool – as well as why the right way is so unpopular. “ Log Management at $0 and 1hr/week? ” is where a lot of companies still are, thus this post became popular again. “ Top 10 Criteria for a SIEM? ” came from one of my last projects I did when running my SIEM consulting firm. In addition, I’d like to draw your attention to a few posts from my Gartner blog : Denial of Service research: Availability, Security and Why is DoS Fun? Cloud security monitorin...