Anton Chuvakin – Page 3 – WindowsTechs.com

Anton’s Security Blog Quarterly Q3.5 2020

Posted on November 20, 2020 by Anton Chuvakin

Sometimes great old blog posts are hard to find (especially on Medium), so I decided to do a periodic (who am I kidding, occasional — not periodic) list blog with my favorite posts of the past quarter or so.
Here is my first. The posts below are ranked… Continue reading Anton’s Security Blog Quarterly Q3.5 2020→

Hearing from CISOs at Google Cloud and Beyond

Posted on November 6, 2020 by Anton Chuvakin

Security continues to be a top concern for cloud customers, and therefore continues to be a driver of our business at Google Cloud. However, specific security priorities vary wildly by vertical, by organization size, and by many other factors.
In fact,… Continue reading Hearing from CISOs at Google Cloud and Beyond→

On Threat Detection Uncertainty

Posted on November 3, 2020 by Anton Chuvakin

My post “Why is Threat Detection Hard?” proved to be one of the most popular in recent history of my new blog. In this post, I wanted to explore a seemingly obvious, while surprisingly fascinating aspect of detection: uncertainty.
Uncertainty? Are you … Continue reading On Threat Detection Uncertainty→

From Google Cloud Blog: “Improving security, compliance, and governance with cloud-based DLP data…

Posted on October 21, 2020 by Anton Chuvakin

From Google Cloud Blog: “Improving security, compliance, and governance with cloud-based DLP data discovery”
So, I’ve been doing some blogging at Google Cloud blog with most posts connected to products, launches, etc. However, I am also doing a fun blo… Continue reading From Google Cloud Blog: “Improving security, compliance, and governance with cloud-based DLP data…→

Why is Threat Detection Hard?

Posted on October 7, 2020 by Anton Chuvakin

While creating a recent presentation, I needed a slide on “threat detection is hard.” And it got me thinking, why is threat detection so hard for so many organizations today? We can trace the “cyber” threat detection to 1986 (“Cuckoo’s Egg”) and 1987 (… Continue reading Why is Threat Detection Hard?→

Why is Threat Detection Hard?

Posted on October 7, 2020 by Anton Chuvakin

Posts From Beyond The Grave: How To Impress / Annoy An Analyst During A Briefing

Posted on September 25, 2020 by Anton Chuvakin

My old $employer blog has vanished and a lot of content of value to the community went down with it. Naturally, I do not own the IP and I cannot go to archive.org and bring it back to life.
However, I will make an exception for this post. Because it (a… Continue reading Posts From Beyond The Grave: How To Impress / Annoy An Analyst During A Briefing→

Chronicle Detect is Here

Posted on September 23, 2020 by Anton Chuvakin

A lot of people ask me how Chronicle is doing inside Google Cloud (TLDR: doing well), and I wanted to share some good news. I also wanted to reveal some of our lessons building our threat detection capabilities (that we just released).
If you recall, w… Continue reading Chronicle Detect is Here→

Can We Have “Detection as Code”?

Posted on September 21, 2020 by Anton Chuvakin

One more idea that has been bugging me for years is an idea of “detection as code.” Why is it bugging me and why should anybody else care?
First, is “detection as code” just a glamorous term for what you did when you loaded your Snort rules in cvs in, … Continue reading Can We Have “Detection as Code”?→

Back in 2015, while working on a Gartner SOC paper, I coined the concept of “SOC nuclear triad”…

Posted on September 10, 2020 by Anton Chuvakin

Back in 2015, while working on a Gartner SOC paper, I coined the concept of “SOC nuclear triad” which later morphed into “SOC visibility triad” or even “security visibility triad.” The thing then became very popular with some security vendors, especial… Continue reading Back in 2015, while working on a Gartner SOC paper, I coined the concept of “SOC nuclear triad”…→