Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
محتوای ارائه شده توسط Anton Chuvakin. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Anton Chuvakin یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Player FM - برنامه پادکست
با برنامه Player FM !
با برنامه Player FM !
EP184 One Week SIEM Migration: Fact or Fiction?
Manage episode 432614867 series 2892548
محتوای ارائه شده توسط Anton Chuvakin. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Anton Chuvakin یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Guest:
- Manan Doshi, Senior Security Engineer @ Etsy
Questions:
- In your experience, what are the biggest challenges organizations face when migrating to a new SIEM platform? How did you solve them?
- Many SIEM projects have problems, but a decent chunk of these problems are not about the tool being broken. How did you decide to migrate? When is it time to go?
- Specifically, how to avoid constant change from product to product, each time blaming the tool for what are essentially process failures?
- How did you handle detection content during migration? Was AI involved?
- How did you test for this: “Which platform will best enable our engineering team to build what we need?”
- Tell us more about the Detection as Code pipeline you use?
- “Completed SIEM migration in a single week!” Is this for real?
Resources:
- Google Cloud Security Summit (August 20, 2024) and “Etsy and the art of SIEM Migration” presentation
- “Ancillary Justice” book
- StreamAlert
- SIEM migration blog (spicy version / vanilla version / long detailed version)
- Can We Have “Detection as Code”?
- Google SecOps
- EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
202 قسمت
Manage episode 432614867 series 2892548
محتوای ارائه شده توسط Anton Chuvakin. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Anton Chuvakin یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Guest:
- Manan Doshi, Senior Security Engineer @ Etsy
Questions:
- In your experience, what are the biggest challenges organizations face when migrating to a new SIEM platform? How did you solve them?
- Many SIEM projects have problems, but a decent chunk of these problems are not about the tool being broken. How did you decide to migrate? When is it time to go?
- Specifically, how to avoid constant change from product to product, each time blaming the tool for what are essentially process failures?
- How did you handle detection content during migration? Was AI involved?
- How did you test for this: “Which platform will best enable our engineering team to build what we need?”
- Tell us more about the Detection as Code pipeline you use?
- “Completed SIEM migration in a single week!” Is this for real?
Resources:
- Google Cloud Security Summit (August 20, 2024) and “Etsy and the art of SIEM Migration” presentation
- “Ancillary Justice” book
- StreamAlert
- SIEM migration blog (spicy version / vanilla version / long detailed version)
- Can We Have “Detection as Code”?
- Google SecOps
- EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
202 قسمت
همه قسمت ها
×به Player FM خوش آمدید!
Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.