Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Innhold levert av Anton Chuvakin. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Anton Chuvakin eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.
Player FM - Podcast-app
Gå frakoblet med Player FM -appen!
Gå frakoblet med Player FM -appen!
EP197 SIEM (Decoupled or Not), and Security Data Lakes: A Google SecOps Perspective
MP3•Episoder hjem
Manage episode 448474144 series 2892548
Innhold levert av Anton Chuvakin. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Anton Chuvakin eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.
Guest:
Travis Lanham, Uber Tech Lead (UTL) for Security Operations Engineering, Google Cloud
Topics:
- There’s been a ton of discussion in the wake of the three SIEM week about the future of SIEM-like products. We saw a lot of takes on how this augurs the future of disassembled or decoupled SIEMs. Can you explain what these disassembled SIEMs are all about?
- What are the expected upsides of detaching your SIEM interface and security capabilities from your data backend?
- Tell us about the early days of SecOps (nee Chronicle) and why we didn’t go with this approach?
- What are the upsides of a tightly coupled datastore + security experience for a SIEM?
- Are there more risks or negatives of the decoupled/decentralized approach? Complexity and the need to assemble “at home” are on the list, right?
- One of the 50 things Google knew to be true back in the day was that product innovation comes from technical innovation, what’s the technical innovation driving decoupled SIEMs?
- So what about those security data lakes? Any insights?
Resources:
- EP139 What is Chronicle? Beyond XDR and into the Next Generation of Security Operations
- EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures
- EP184 One Week SIEM Migration: Fact or Fiction?
- Hacking Google video series
- Decoupled SIEM: Brilliant or …. Not :-)
- UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
- So, Why Did I Join Chronicle Security? (2019)
204 episoder
MP3•Episoder hjem
Manage episode 448474144 series 2892548
Innhold levert av Anton Chuvakin. Alt podcastinnhold, inkludert episoder, grafikk og podcastbeskrivelser, lastes opp og leveres direkte av Anton Chuvakin eller deres podcastplattformpartner. Hvis du tror at noen bruker det opphavsrettsbeskyttede verket ditt uten din tillatelse, kan du følge prosessen skissert her https://no.player.fm/legal.
Guest:
Travis Lanham, Uber Tech Lead (UTL) for Security Operations Engineering, Google Cloud
Topics:
- There’s been a ton of discussion in the wake of the three SIEM week about the future of SIEM-like products. We saw a lot of takes on how this augurs the future of disassembled or decoupled SIEMs. Can you explain what these disassembled SIEMs are all about?
- What are the expected upsides of detaching your SIEM interface and security capabilities from your data backend?
- Tell us about the early days of SecOps (nee Chronicle) and why we didn’t go with this approach?
- What are the upsides of a tightly coupled datastore + security experience for a SIEM?
- Are there more risks or negatives of the decoupled/decentralized approach? Complexity and the need to assemble “at home” are on the list, right?
- One of the 50 things Google knew to be true back in the day was that product innovation comes from technical innovation, what’s the technical innovation driving decoupled SIEMs?
- So what about those security data lakes? Any insights?
Resources:
- EP139 What is Chronicle? Beyond XDR and into the Next Generation of Security Operations
- EP190 Unraveling the Security Data Fabric: Need, Benefits, and Futures
- EP184 One Week SIEM Migration: Fact or Fiction?
- Hacking Google video series
- Decoupled SIEM: Brilliant or …. Not :-)
- UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
- So, Why Did I Join Chronicle Security? (2019)
204 episoder
ทุกตอน
×Velkommen til Player FM!
Player FM scanner netter for høykvalitets podcaster som du kan nyte nå. Det er den beste podcastappen og fungerer på Android, iPhone og internett. Registrer deg for å synkronisere abonnement på flere enheter.