Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
محتوای ارائه شده توسط Anton Chuvakin. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Anton Chuvakin یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Player FM - برنامه پادکست
با برنامه Player FM !
با برنامه Player FM !
EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective
Manage episode 448474144 series 2892548
محتوای ارائه شده توسط Anton Chuvakin. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Anton Chuvakin یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Guest:
Travis Lanham, Uber Tech Lead (UTL) for Security Operations Engineering, Google Cloud
Topics:
- There’s been a ton of discussion in the wake of the three SIEM week about the future of SIEM-like products. We saw a lot of takes on how this augurs the future of disassembled or decoupled SIEMs. Can you explain what these disassembled SIEMs are all about?
- What are the expected upsides of detaching your SIEM interface and security capabilities from your data backend?
- Tell us about the early days of SecOps (nee Chronicle) and why we didn’t go with this approach?
- What are the upsides of a tightly coupled datastore + security experience for a SIEM?
- Are there more risks or negatives of the decoupled/decentralized approach? Complexity and the need to assemble “at home” are on the list, right?
- One of the 50 things Google knew to be true back in the day was that product innovation comes from technical innovation, what’s the technical innovation driving decoupled SIEMs?
- So what about those security data lakes? Any insights?
Resources:
- EP139 What is Chronicle? Beyond XDR and into the Next Generation of Security Operations
- EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures
- EP184 One Week SIEM Migration: Fact or Fiction?
- Hacking Google video series
- Decoupled SIEM: Brilliant or …. Not :-)
- UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
- So, Why Did I Join Chronicle Security? (2019)
202 قسمت
Manage episode 448474144 series 2892548
محتوای ارائه شده توسط Anton Chuvakin. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Anton Chuvakin یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
Guest:
Travis Lanham, Uber Tech Lead (UTL) for Security Operations Engineering, Google Cloud
Topics:
- There’s been a ton of discussion in the wake of the three SIEM week about the future of SIEM-like products. We saw a lot of takes on how this augurs the future of disassembled or decoupled SIEMs. Can you explain what these disassembled SIEMs are all about?
- What are the expected upsides of detaching your SIEM interface and security capabilities from your data backend?
- Tell us about the early days of SecOps (nee Chronicle) and why we didn’t go with this approach?
- What are the upsides of a tightly coupled datastore + security experience for a SIEM?
- Are there more risks or negatives of the decoupled/decentralized approach? Complexity and the need to assemble “at home” are on the list, right?
- One of the 50 things Google knew to be true back in the day was that product innovation comes from technical innovation, what’s the technical innovation driving decoupled SIEMs?
- So what about those security data lakes? Any insights?
Resources:
- EP139 What is Chronicle? Beyond XDR and into the Next Generation of Security Operations
- EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures
- EP184 One Week SIEM Migration: Fact or Fiction?
- Hacking Google video series
- Decoupled SIEM: Brilliant or …. Not :-)
- UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
- So, Why Did I Join Chronicle Security? (2019)
202 قسمت
همه قسمت ها
×به Player FM خوش آمدید!
Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.