Collaborate Disseminate
For a reason that shall remain nameless, I’ve run this quick poll focused on the use cases for threat intelligence in 2021. The question and the results are below.
Antons Threat Intel Poll 2021
Here are some thoughts and learnings based on the poll and… Continue reading 2021 Threat Intelligence Use Cases
This is a quick “let’s think about it together” post focused on the future of cloud security.
Our logical starting point is: “Through 2025, 99% of cloud security failures will be the customer’s fault.” (source: Gartner) My experience in my analyst days… Continue reading Is Your Fate In the Cloud?
Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…
This is about the Security Operations Center (SOC). And automation. And of course SOC automation.
Let’s start from a dead-obvious point: you cannot and should not automate away all peop… Continue reading Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…
Those who follow me on social media already knows this, but we have launched THE Cloud Security Podcast.
TL;DR:
Find this on Google Podcasts, Apple Podcasts, Spotify, Stitcher and wherever else podcasts can be found. You can also download the episodes … Continue reading From Google Cloud Blog: “New Cloud Security Podcast by Google is here”
SOC Threat Coverage Analysis — Why/How?
As I mentioned in Detection Coverage and Detection-in-Depth, the topic of threat detection coverage has long fascinated me. Back in my analyst days, we looked at it as a part of a security use case lifecycle proc… Continue reading SOC Threat Coverage Analysis — Why/How?
From Google Cloud Blog: “New whitepaper: Designing and deploying a data security strategy with Google Cloud”
Here is another very fun resource we created (jointly with Andrew Lance from Sidechain), a paper on designing and running data security strateg… Continue reading From Google Cloud Blog: “New whitepaper: Designing and deploying a data security strategy with…
I got into a very insightful debate with somebody who will remain nameless in the beginning of this post, but will perhaps be revealed later. The debate focused on the role of context in threat detection.
Specifically, it is about the role of local con… Continue reading Role of Context in Threat Detection
New Paper: “Future of the SOC: SOC People — Skills, Not Tiers”
Back in August, we released our first Google/Chronicle — Deloitte Security Operations Center (SOC) paper titled “Future of the SOC: Forces shaping modern security operations” (launch blog, … Continue reading New Paper: “Future of the SOC: SOC People — Skills, Not Tiers”
As I hear of organizations dealing with security when migrating to the cloud, I occasionally observe cases of “extreme lift and shift.” I use this label to describe a case when an organization wants to keep every single security technology that they us… Continue reading Cloud Migration Security Woes
As we discussed in “The Cloud trust paradox: To trust cloud computing more, you need the ability to trust it less”, there are situations where the encryption key really does belong off the cloud and so trust is externalized. While we argue that these a… Continue reading Usage Scenarios for Externalized Trust