Anton and The Great XDR Debate, Part 1

I know you may hate me for this, but I’ve been finally tempted into the Great XDR Debate.
Here, if you want TL;DR, my position on XDR today is “wait and see” (boring, huh?). Unlike some of my esteemed former colleagues, I don’t really have a horse in t…

How to Make Threat Detection Better?

I keep coming to the same topic over and over — why are we still bad at detecting threats?
I’ve lamented this a few times, either touching on general difficulties with detection, its uncertainty or highlighting the fragile detections people write. I…

New Paper: “Autonomic Security Operations — 10X Transformation of the Security Operations Center”

It is with much excitement that we announce a new paper about transforming your security operations; it is published under the Office of the CISO at Googl…

A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next

Now, we all agree that various cloud technologies such as SaaS SIEM help your Security Operations Center (SOC). However, there’s also a need to talk about how traditional…

Today, You Really Want a SaaS SIEM!

One thing I did not expect to see in 2021 is a lot of people complaining about how difficult their SIEM is to operate.
Let’s explore this topic for the (n+1)-th time. And let me tell you … that “n” is pretty damn large since my first involvement with S…

Anton’s Security Blog Quarterly Q1 2021

Sometimes great old blog posts are hard to find (especially on Medium…), so I decided to do a periodic list blog with my favorite posts of the past quarter or so.
Here is my second. The posts below are ranked by lifetime views and topic. It covers both…