Unfortunately, I am old enough to remember how SIEM was done before the arrival of threat intelligence feeds. We had to write broad behavioral (well, “behavioral-ish”, if I am totally honest) rules without relying on any precise knowledge of attacker
threat detection (3)
One more idea that has been bugging me for years is an idea of “detection as code.” Why is it bugging me and why should anybody else care?
First, is “detection as code” just a glamorous term for what you did when you loaded your Snort rules in cvs in
We all know David Bianco Pyramid of Pain, a classic from 2013. The focus of this famous visual is on indicators that you “latch onto” in your detection activities. This post will reveal a related mystery connected to SIEM detection evolution and its
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
The Insider Risk Summit (West)
- Description:
- Created by: pritha
- Tags: insider risk summit, monterey, california
CISO Cocktail Reception, San Francisco
- Description:
Are you @RSAC?
CISO Yacht Cocktail Dinner
Going to RSA Conference?
After a day of attending sessions at RSA, join us on a luxury yacht for drinks, food, and live entertainment while enjoying the stunning skyline views, cruising on San Francisco Bay.
Yacht Party…
- Created by: pritha
- Tags: san francisco, rsac, rsac2026, ciso, cocktail, yacht, invite-only
