Cloud Security Podcast by Google

EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI


Listen Later

Guest:

  • Manija Poulatova, Director of Security Engineering and Operations at Lloyd's Banking Group

Topics:

  • SIEM migration is hard, and it can take ages. Yours was - given the scale and the industry - on a relatively short side of 9 months. What’s been your experience so far with that and what could have gone faster? 
  • Anton might be a “reformed” analyst but I can’t resist asking a three legged stool question: of the people/process/technology aspects, which are the hardest for this transformation? What helped the most in solving your big challenges? 
  • Was there a process that people wanted to keep but it needed to go for the new tool?
  • One thing we talked about was the plan to adopt composite alerting techniques and what we’ve been calling the “funnel model” for detection in Google SecOps. Could you share what that means and how your team is adopting? 
  • There are a lot of moving parts in a D&R journey from a process and tooling perspective, how did you structure your plan and why?
  • It wouldn’t be our show in 2025 if I didn’t ask at least one AI question!  What lessons do you have for other security leaders preparing their teams for the AI in SOC transition? 

Resources:

  • EP234 The SIEM Paradox: Logs, Lies, and Failing to Detect
  • EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective
  • EP231 Beyond the Buzzword: Practical Detection as Code in the Enterprise
  • EP184 One Week SIEM Migration: Fact or Fiction?
  • EP125 Will SIEM Ever Die: SIEM Lessons from the Past for the Future
  • EP223 AI Addressable, Not AI Solvable: Reflections from RSA 2025
  • “Maverick” — Scorched Earth SIEM Migration FTW! blog
  • “Hack the box” site
...more
View all episodesView all episodes
Download on the App Store

Cloud Security Podcast by GoogleBy Anton Chuvakin

  • 4.8
  • 4.8
  • 4.8
  • 4.8
  • 4.8

4.8

39 ratings


More shows like Cloud Security Podcast by Google

View all
Risky Business by Patrick Gray

Risky Business

369 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

638 Listeners

The Cloudcast by Massive Studios

The Cloudcast

156 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

369 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,018 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

205 Listeners

Smashing Security by Graham Cluley

Smashing Security

320 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,961 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

173 Listeners

Kubernetes Podcast from Google by Abdel Sghiouar, Kaslin Fields

Kubernetes Podcast from Google

182 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

188 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cloud Security Podcast by Cloud Security Podcast Team

Cloud Security Podcast

57 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

134 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

43 Listeners