EP44 Evolving a SIEM for the Future While Learning from the Past
Cloud Security Podcast by Google
English - November 22, 2021 19:56 - 28 minutes - 38.9 MB - ★★★★★ - 33 ratingsTechnology cloudsecurity cloud cybersecurity security Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: EP43 Automation as Paved Roads in Cloud Enablement
Guest:
Mike Orosz, a Chief Information and Product Security Officer @ VertivTopics:
What are your views on modern SIEM? What should it do and what should it be?
Should it even be called SIEM?
Is SaaS/cloud-native SIEM the only way to go?
Can anybody build a SIEM in the cloud by installing the regular SIEM on IaaS?
What are the top challenges for organizations deploying and operationalizing SIEM today?
What are some hidden or commonly forgotten costs for a SIEM deployment?
Is open source the answer to SIEM?
SIEM today should deliver on detection, hunting and investigation use cases, so what does it mean in terms of practical data retention?
Resources:
"On “Output-driven” SIEM" "Fake Cloud: Now There Are Two Hands in Your Pocket"