Sign up to save your podcasts
Or
Share SIEM Rules - Eric Capuano, Tim MalcomVetter - ESW #323
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
SIEM Rules - Eric Capuano, Tim MalcomVetter - ESW #323
InfoSec might have a hoarding problem, but it's easy to understand why. It's almost impossible to know what logs you're doing to need, when you're going to need them, or for what reason. SIEM vendors have taken advantage of these InfoSec data FOMO tendencies, however, and are making a killing charging a premium for storage - even when the storage in question is your own on-prem hardware. There ARE alternatives, however, but it seems most folks aren't aware of this. In this interview with Eric Capuano, we'll discuss both the practical and economic shortcomings of the traditional SIEM model. We'll discuss the challenges of various SIEM use cases. Most importantly, we'll discuss the new models actively replacing them. (No, they're not branded as next-gen SIEMs) Tim MalcolmVetter has been alternating between blue team and red team roles for years. Moving between the two has had its advantages, giving Tim a better understanding of what works, what doesn't and why. We'll discuss a variety of topics, including the pros and cons of industry talent pipelines, Kerberoasting, and AI trends.
2023 Cybersecurity Conversations Report: https://eb1x.co/NWn0RHK Segment description coming soon!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-323
View all episodes
By Security Weekly Productions
4.9
1414 ratings
InfoSec might have a hoarding problem, but it's easy to understand why. It's almost impossible to know what logs you're doing to need, when you're going to need them, or for what reason. SIEM vendors have taken advantage of these InfoSec data FOMO tendencies, however, and are making a killing charging a premium for storage - even when the storage in question is your own on-prem hardware. There ARE alternatives, however, but it seems most folks aren't aware of this. In this interview with Eric Capuano, we'll discuss both the practical and economic shortcomings of the traditional SIEM model. We'll discuss the challenges of various SIEM use cases. Most importantly, we'll discuss the new models actively replacing them. (No, they're not branded as next-gen SIEMs) Tim MalcolmVetter has been alternating between blue team and red team roles for years. Moving between the two has had its advantages, giving Tim a better understanding of what works, what doesn't and why. We'll discuss a variety of topics, including the pros and cons of industry talent pipelines, Kerberoasting, and AI trends.
2023 Cybersecurity Conversations Report: https://eb1x.co/NWn0RHK Segment description coming soon!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-323
More shows like Enterprise Security Weekly (Audio)
View all
NPR News Now
14,588 Listeners
Last Podcast On The Left
51,337 Listeners
This Week in Tech (Audio)
3,057 Listeners
Risky Business
373 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
649 Listeners
CyberWire Daily
1,027 Listeners
Security Weekly News (Audio)
33 Listeners
Darknet Diaries
8,110 Listeners
Unsubscribe Podcast
2,180 Listeners
Risky Bulletin
45 Listeners