Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Innehåll tillhandahållet av Anton Chuvakin. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Anton Chuvakin eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
EP184 One Week SIEM Migration: Fact or Fiction?
MP3•Episod hem
Manage episode 432614867 series 2892548
Innehåll tillhandahållet av Anton Chuvakin. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Anton Chuvakin eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
Guest:
- Manan Doshi, Senior Security Engineer @ Etsy
Questions:
- In your experience, what are the biggest challenges organizations face when migrating to a new SIEM platform? How did you solve them?
- Many SIEM projects have problems, but a decent chunk of these problems are not about the tool being broken. How did you decide to migrate? When is it time to go?
- Specifically, how to avoid constant change from product to product, each time blaming the tool for what are essentially process failures?
- How did you handle detection content during migration? Was AI involved?
- How did you test for this: “Which platform will best enable our engineering team to build what we need?”
- Tell us more about the Detection as Code pipeline you use?
- “Completed SIEM migration in a single week!” Is this for real?
Resources:
- Google Cloud Security Summit (August 20, 2024) and “Etsy and the art of SIEM Migration” presentation
- “Ancillary Justice” book
- StreamAlert
- SIEM migration blog (spicy version / vanilla version / long detailed version)
- Can We Have “Detection as Code”?
- Google SecOps
- EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
193 episoder
MP3•Episod hem
Manage episode 432614867 series 2892548
Innehåll tillhandahållet av Anton Chuvakin. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Anton Chuvakin eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
Guest:
- Manan Doshi, Senior Security Engineer @ Etsy
Questions:
- In your experience, what are the biggest challenges organizations face when migrating to a new SIEM platform? How did you solve them?
- Many SIEM projects have problems, but a decent chunk of these problems are not about the tool being broken. How did you decide to migrate? When is it time to go?
- Specifically, how to avoid constant change from product to product, each time blaming the tool for what are essentially process failures?
- How did you handle detection content during migration? Was AI involved?
- How did you test for this: “Which platform will best enable our engineering team to build what we need?”
- Tell us more about the Detection as Code pipeline you use?
- “Completed SIEM migration in a single week!” Is this for real?
Resources:
- Google Cloud Security Summit (August 20, 2024) and “Etsy and the art of SIEM Migration” presentation
- “Ancillary Justice” book
- StreamAlert
- SIEM migration blog (spicy version / vanilla version / long detailed version)
- Can We Have “Detection as Code”?
- Google SecOps
- EP117 Can a Small Team Adopt an Engineering-Centric Approach to Cybersecurity?
193 episoder
Alla avsnitt
×Välkommen till Player FM
Player FM scannar webben för högkvalitativa podcasts för dig att njuta av nu direkt. Den är den bästa podcast-appen och den fungerar med Android, Iphone och webben. Bli medlem för att synka prenumerationer mellan enheter.