To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Artwork

Content provided by Podcast Archives - Dale Peterson: ICS Security Catalyst. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Podcast Archives - Dale Peterson: ICS Security Catalyst or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Podcast Archives - Dale Peterson: ICS Security Catalyst « »
Podcast: Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail?

 
Play
Playing
Share
 

MP3Episode home
Manage episode 390042503 series 3538694
Content provided by Podcast Archives - Dale Peterson: ICS Security Catalyst. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Podcast Archives - Dale Peterson: ICS Security Catalyst or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

An Interview with Corey Thuen of Gravwell.

Dale and Corey discuss the value of a normalized, taxonomized approach to SIEM, which Dr. Anton Chuvakin has famously claimed is doom to fail. Corey is sympathetic to this view and tries to explain it to Dale.

The alternative is gathering and creating a data lake with more log data and pcaps that can be used by threat hunters and customized rules.

The conversation continues with what types of integration would be helpful between the OT detection products and whatever is used for organization wide detection and response, the packet encryption challenge, and the preference to just buy a product.

You can submit your audio question on this episode or other OT and ICS Security topics to the show by going to dale-peterson.com and clicking on “Record Your Question”.

The post Podcast: Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail? appeared first on Dale Peterson: ICS Security Catalyst.

  continue reading

7 episodes

Artwork

Podcast: Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail?

Podcast Archives - Dale Peterson: ICS Security Catalyst

published

Play Playing
iconShare
 
MP3Episode home
Manage episode 390042503 series 3538694
Content provided by Podcast Archives - Dale Peterson: ICS Security Catalyst. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Podcast Archives - Dale Peterson: ICS Security Catalyst or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

An Interview with Corey Thuen of Gravwell.

Dale and Corey discuss the value of a normalized, taxonomized approach to SIEM, which Dr. Anton Chuvakin has famously claimed is doom to fail. Corey is sympathetic to this view and tries to explain it to Dale.

The alternative is gathering and creating a data lake with more log data and pcaps that can be used by threat hunters and customized rules.

The conversation continues with what types of integration would be helpful between the OT detection products and whatever is used for organization wide detection and response, the packet encryption challenge, and the preference to just buy a product.

You can submit your audio question on this episode or other OT and ICS Security topics to the show by going to dale-peterson.com and clicking on “Record Your Question”.

The post Podcast: Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail? appeared first on Dale Peterson: ICS Security Catalyst.

  continue reading

7 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Quick Reference Guide

Top Podcasts
The Bill Simmons Podcast
PTI
First Take
Marketplace
Comedy of the Week
The Bugle
How Did This Get Made?
Doug Loves Movies
Planet Money
TED Talks Daily
NBC Nightly News with Lester Holt
The World This Hour
Daily Boost Motivation and Coaching
Radiolab
Science Friday
This American Life
Criminal
Sword and Scale
In The Dark
Player FM logo
Help/FAQ | Upgrade | Advertise
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2024 | Sitemap | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox