Posts

Showing posts from January, 2016

Annual Blog Round-Up – 2015

Here is my annual "Security Warrior" blog round-up of top 10 popular posts/topics in 2015. Note that my current Gartner blog is where you go for my recent blogging; all of the content below predates 2011.

“Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009. Is it relevant now? Well, you be the judge. Current emergence of open source log search tools (ELK FTW!), BTW, does not break the logic of that post. SIEM is still hard, whether OSS or not.

“Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version).

My classic PCI DSS Log Review series is always hot! The series of 18 posts covers a comprehensive log review approach (OK for PCI DSS 3.1 in 2015 as well), useful for building log review processes and procedures, whether regulatory or not. It is also described in more detail in ...

Monthly Blog Round-Up – December 2015

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month:

“Why No Open Source SIEM, EVER?” contains some of my SIEM thinking from 2009. Is it relevant now? Well, you be the judge. Current popularity of open source log search tools, BTW, does not break the logic of that post. Succeeding with SIEM requires a lot of work, whether you paid for the software, or not. Also, developing a SIEM is much harder than most people think – some parts demand an open-ended commitment from its developer. BTW, this post has an amazing “staying power” that is hard to explain – I suspect it has to do with people wanting “free stuff” and googling for “open source SIEM”… [206 pageviews]

“Simple Log Review Checklist Released!” is often at the top of this list – this aging checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version) [105 pagevi...