Showing posts from January, 2015

Annual Blog Round-Up – 2014

Here is my annual "Security Warrior" blog round-up of top 10 popular posts/topics in 2014. “Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009. Is it relevant now? Well, you be the judge. Current emergence of open source log search tools (ELK FTW!), BTW, does not break the logic of that post. “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version). “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using a now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases. My classic PCI DSS Log Review series is always hot! The series of 18 posts covers a comprehensive log review approach (OK for PCI DSS 3.0 in 2015 as wel...

Monthly Blog Round-Up – December 2014

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009. Is it relevant now? Well, you be the judge. Current emergence of open source log search tools, BTW, does not break the logic of that post. “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version). My classic PCI DSS Log Review series is always popular! The series of 18 posts covers a comprehensive log review approach (OK for PCI DSS 3.0 as well), useful for building log review processes and procedures, whether regulatory or not. It is also described in more detail in our Log Management book and mentioned in our PCI book (just out in its 4th edition!). “Top 10 Criteria for a SIEM?” came from one of my last projects I did w...