25 min listen
EP78 Classic SOC Meets Cloud: What Changes? What Stays the Same?
EP78 Classic SOC Meets Cloud: What Changes? What Stays the Same?
ratings:
Length:
28 minutes
Released:
Aug 8, 2022
Format:
Podcast episode
Description
Guest: Gorka Sadowski, Chief Strategy Officer @ Exabeam Topics: How do we get a legacy SOC team to think about the cloud? How to think about cloud threat detection, in general? What is different … threats, the environment, what else? What is the same? How do we know which TTPs are relevant for the new environments? What to bring with us to the cloud? Do content/rules and detection engines need to be different to cover the cloud detection use cases? What cases are appropriate for machine learning (ML) in the cloud? Does cloud threats drive the need for new ML detections? Resources: “11 Strategies of a World-Class Cybersecurity Operations Center” paper “Autonomic Security Operations: How to 10X Your SOC” paper “Indicators Of Compromise Vs. Tactics, Techniques, And Procedures” blog “How to Build and Operate a Modern Security Operations Center” (Gartner subscription required) “A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next” blog
Released:
Aug 8, 2022
Format:
Podcast episode
Titles in the series (100)
No One Expects the Malware Inquisition: Guest: Brandon Levene, Malware Inquisitor @ Google Cloud Topics covered: Which malware is scarier, state-sponsored or criminal? How do we approach cybercrime mitigation at Google? How do we actually track malware? Don’t we need “attribution”... by Cloud Security Podcast by Google