47 min listen
SIEM Rules - Eric Capuano, Tim MalcomVetter - ESW #323
SIEM Rules - Eric Capuano, Tim MalcomVetter - ESW #323
ratings:
Length:
144 minutes
Released:
Jul 14, 2023
Format:
Podcast episode
Description
InfoSec might have a hoarding problem, but it’s easy to understand why. It’s almost impossible to know what logs you’re doing to need, when you’re going to need them, or for what reason. SIEM vendors have taken advantage of these InfoSec data FOMO tendencies, however, and are making a killing charging a premium for storage - even when the storage in question is your own on-prem hardware. There ARE alternatives, however, but it seems most folks aren’t aware of this. In this interview with Eric Capuano, we’ll discuss both the practical and economic shortcomings of the traditional SIEM model. We’ll discuss the challenges of various SIEM use cases. Most importantly, we’ll discuss the new models actively replacing them. (No, they’re not branded as next-gen SIEMs) Tim MalcolmVetter has been alternating between blue team and red team roles for years. Moving between the two has had its advantages, giving Tim a better understanding of what works, what doesn’t and why. We’ll discuss a variety of topics, including the pros and cons of industry talent pipelines, Kerberoasting, and AI trends. 2023 Cybersecurity Conversations Report: https://eb1x.co/NWn0RHK Segment description coming soon! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-323
Released:
Jul 14, 2023
Format:
Podcast episode
Titles in the series (100)
Paul's Security Weekly - Episode 7 - Dec 16, 2005 by Security Weekly Podcast Network (Audio)