Click here to check if anything new just came in.
January 26 2012
January 13 2012
Links for 2012-01-12 [del.icio.us]
- Hunting trips: network traffic log analysis | Overhack
First, and most importantly, always keep in mind that we’re only identifying anomalies, not automatically classifying “bad” traffic.
January 12 2012
January 10 2012
January 04 2012
Annual Blog Round-Up – 2011
Here is my annual "Security Warrior" blog round-up of top 10 popular posts/topics in 2011. This list covers the posts most popular in 2011, not necessarily only those written in 2011.
Disclaimer: all this content was written before I joined Gartner on Aug 1, 2011 and is solely my personal view at the time of writing. For my current security blogging, go here.
- “Simple Log Review Checklist Released!” was again the most popular this year. The checklist, a list of critical things to look for while reviewing system, network and security logs when responding to a security incident
- PCI DSS Log Review series of posts take the #2 spot; they are about planning and executing PCI DSS-driven log review at an organization
- “On Free Log Management Tools” is another perma-popular post, presenting a companion resource to the log checklist above
- “On Choosing SIEM” is about the least wrong way of choosing a SIEM tool – as well as why the right way is so unpopular.
- “Log Management at $0 and 1hr/week?” is pretty much what it is. How to do log management under extreme budget AND time constraints?
- “Top 10 Criteria for a SIEM?” is an EXAMPLE criteria list for choosing a SIEM.
- “SIEM Resourcing or How Much the Friggin’ Thing Would REALLY Cost Me?” is a quick approach of planning SIEM costs
- A humorous post “Top 10 Things Your Log Management Vendor Won't Tell You”
- 2009 post called “Log Management + SIEM = ?” gives some quick architecture advice on combining SIEM and log management
- Finally, “The Last Blog Post!” also made the top 10 list – it announced my departure from consulting (and blogging) in order to join Gartner.
Also see my past monthly and annual “Top Posts” – 2007, 2008, 2009, 2010.
Links for 2012-01-03 [del.icio.us]
- Errata Security: Predictions for 2012
- Top 2012 Predictions | the dialog
- 10 Security Predictions for 2012: Top Trends | Blog Central
- Six security forecasts for 2012 - David Lacey's IT Security Blog
"Social networks get secure" <- get me some of the stuff he is inhaling! - Slideshow: Five Security Predictions for 2012 | threatpost
- Zscaler Research: 2012 Security Predictions
- 2012 Threat Predictions | Fortinet Security Blog
- 2012 Security Predictions « The Day Before Zero
- Top Cyber Security Trends for 2012: #1 - Imperva Data Security Blog
January 03 2012
Monthly Blog Round-Up – December 2011
Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month.
Disclaimer: all this content was written before I joined Gartner on Aug 1, 2011 and is solely my personal view at the time of writing. For my current security blogging, go here.
- “On Free Log Management Tools” is a companion to the checklist below (updated version)
- “Simple Log Review Checklist Released!” is often at the top; it is the case this month – the checklist is still a very useful tool for many people
- “On Choosing SIEM” is about the least wrong way of choosing a SIEM tool – as well as why the right way is so unpopular.
- “Log Management at $0 and 1hr/week?” is pretty much what it is. How to do log management under extreme budget AND time constraints?
- “Top 10 Criteria for a SIEM?” is an EXAMPLE criteria list for choosing a SIEM.
In addition, I’d like to draw your attention to a few posts from my Gartner blog:
- “On Vulnerability Prioritization and Scoring”
- “On LARGE Scale Vulnerability Management”
- “On Scanning “New” Environments”
Also see my past monthly and annual “Top Posts” – 2007, 2008, 2009, 2010.
December 20 2011
December 17 2011
December 07 2011
December 06 2011
December 01 2011
Monthly Blog Round-Up – November 2011
Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month.
Disclaimer: all this content was written before I joined Gartner on Aug 1, 2011 and is solely my personal view at the time of writing. For my current security blogging, go here.
- “On Free Log Management Tools” is a companion to the checklist below (updated version)
- “Simple Log Review Checklist Released!” is often at the top; it is the case this month – the checklist is still a very useful tool for many people
- “On Choosing SIEM” is about the least wrong way of choosing a SIEM tool – as well as why the right way is so unpopular.
- “Top 10 Criteria for a SIEM?” is an EXAMPLE criteria list for choosing a SIEM.
- “Log Management at $0 and 1hr/week?” is pretty much what it is. How to do log management under extreme budget AND time constraints?
In addition, I’d like to draw your attention to a few fun posts from my new Gartner blog:
- “On Vulnerability Prioritization and Scoring”
- “On LARGE Scale Vulnerability Management”
- “On Scanning “New” Environments”
Also see my past monthly and annual “Top Posts” – 2007, 2008, 2009, 2010.
November 30 2011
November 29 2011
November 28 2011
November 27 2011
November 26 2011
November 25 2011
November 24 2011
November 21 2011
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
