January 19, 2021

Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail

Listen Later

40 minutes

Dale and Corey discuss the value of a normalized, taxonomized approach to SIEM, which Dr. Anton Chuvakin has famously claimed is doom to fail. Corey is sympathetic to this view and tries to explain it to Dale.

The alternative is gathering and creating a data lake with more log data and pcaps that can be used by threat hunters and customized rules.

The conversation continues with what types of integration would be helpful between the OT detection products and whatever is used for organization wide detection and response, the packet encryption challenge, and the preference to just buy a product.

You can submit your audio question on this episode or other OT and ICS Security topics to the show by going to dale-peterson.com and clicking on "Record Your Question".

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Unsolicited Response

By Dale Peterson: ICS Security Catalyst and S4 Conference Chair

4.9

1414 ratings

January 19, 2021

Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail

Listen Later

40 minutes

Dale and Corey discuss the value of a normalized, taxonomized approach to SIEM, which Dr. Anton Chuvakin has famously claimed is doom to fail. Corey is sympathetic to this view and tries to explain it to Dale.

The alternative is gathering and creating a data lake with more log data and pcaps that can be used by threat hunters and customized rules.

The conversation continues with what types of integration would be helpful between the OT detection products and whatever is used for organization wide detection and response, the packet encryption challenge, and the preference to just buy a product.

You can submit your audio question on this episode or other OT and ICS Security topics to the show by going to dale-peterson.com and clicking on "Record Your Question".

...more

More shows like Unsolicited Response

Security Now (Audio) by TWiT

Security Now (Audio)

1,968 Listeners

Risky Business by Patrick Gray

Risky Business

361 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

627 Listeners

Hacked by Hacked

Hacked

184 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,003 Listeners

Click Here by Recorded Future News

Click Here

398 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,876 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

168 Listeners

The Industrial Security Podcast by PI Media

The Industrial Security Podcast

20 Listeners

@BEERISAC: OT/ICS Security Podcast Playlist by Anton Shipulin / Listen Notes

@BEERISAC: OT/ICS Security Podcast Playlist

7 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

129 Listeners

(CS)²AI Podcast Show: Control System Cyber Security by Derek Harp

(CS)²AI Podcast Show: Control System Cyber Security

2 Listeners

Ukraine: The Latest by The Telegraph

Ukraine: The Latest

1,784 Listeners

Det Store Bildet by Brandpeople og Bauer Media

Det Store Bildet

10 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

33 Listeners