faulker051

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month: “ Why No Open Source SIEM, EVER? ” contains some of my SIEM thinking from 2009. Is it relevant now? Well, you be the judge.  Current popularity of open source   log search tools , BTW, does not break the logic of that post. Succeeding with SIEM requires a lot of work, whether you paid for the software, or not. Also, developing a SIEM is much harder than most people think. BTW, this post has an amazing “staying power” that is hard to explain – I suspect it has to do with people wanting “free stuff” …  [236 pageviews] “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases as well as this new post . Finally, see our new 2015 research on SIEM...