All Articles

threat detection (3)

15+ Years of Loading Threat Intel into SIEM: Why Does This Still Suck? | Anton Chuvakin

Posted by Biswajit Banerjee on March 19, 2025 at 8:14pm in Blog

Unfortunately, I am old enough to remember how SIEM was done before the arrival of threat intelligence feeds. We had to write broad behavioral (well, “behavioral-ish”, if I am totally honest) rules without relying on any precise knowledge of attacker

Can We Have “Detection as Code”? (By Dr. Anton Chuvakin, Office Of Google)

Posted by Biswajit Banerjee on November 25, 2024 at 4:56pm in Blog

One more idea that has been bugging me for years is an idea of “detection as code.” Why is it bugging me and why should anybody else care?

First, is “detection as code” just a glamorous term for what you did when you loaded your Snort rules in cvs in

Security Correlation Then and Now: A Sad Truth About SIEM (By Dr. Anton Chuvakin, Office Of Google)

Posted by Biswajit Banerjee on November 25, 2024 at 4:49pm in Blog

We all know David Bianco Pyramid of Pain, a classic from 2013. The focus of this famous visual is on indicators that you “latch onto” in your detection activities. This post will reveal a related mystery connected to SIEM detection evolution and its

Join The Community Discussion

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)

#xg { position:relative;top:120px; } #xn_bar { top:120px; }

Hello, you need to enable JavaScript to use CISO Platform.

Please check your browser settings or contact your system administrator.

threat detection (3)

15+ Years of Loading Threat Intel into SIEM: Why Does This Still Suck? | Anton Chuvakin

Can We Have “Detection as Code”? (By Dr. Anton Chuvakin, Office Of Google)

Security Correlation Then and Now: A Sad Truth About SIEM (By Dr. Anton Chuvakin, Office Of Google)

Note: this page contains paid content.

Join The Community Discussion

Read More

Did You Join #RSAC 2026? Community CISO Breakfast Roundtable | 24 March | San Francisco

Did You Attend RSAC 2026 ? An Evening That Mattered.. #CISO Yacht Cocktail Dinner

Top Breaches in Cyber Security in 2025 – upcoming live panel

Weekly CISO Podcast Pick – Why Cyber Risk Fails: What CISOs Should Do Instead

Note: this page contains paid content.

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.