Monday Apr 04, 2022

#72 - Logging In with SIEMs (with Anton Chuvakin)

On this episode of CISO Tradecraft, Anton Chuvakin talks about Logging, Security Information & Event Management (SIEM) tooling, and Cloud Security.  Anton share’s fantastic points of view on:

  • How moving to the cloud is like moving to a space station (13:44)
  • How you may be one IAM mistake away from a breach (20:05)
  • How a SIEM is a logging based approach, whereas EDRs require agents at endpoints.  This becomes really interesting when cloud solutions don’t have an endpoint to install an agent (26:53)
  • Why you don’t want an on premises SIEM (32:35)
  • The 3 AM Test - Should you wake someone up for this alert at 3 AM (39:24)

Comments (0)

To leave or reply to comments, please download free Podbean or

No Comments

Copyright 2023 All rights reserved.

Podcast Powered By Podbean

Version: 20221013