- “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version)
- “Top 10 Criteria for a SIEM?” came from one of my last projects I did when running my SIEM consulting firm in 2009-2011.
- “On Choosing SIEM” is another old classic (from 2010) that often shows up on my top list; it covers some tips on choosing SIEM tools.
- “SIEM Bloggables” covers a few high-level SIEM use cases and my view (at the time) of key SIEM functions.
- My classic PCI DSS Log Review series is popular as well. The outlined log review approach is useful for building other types of log review processes and procedures, whether regulatory or not.
Current network forensics research:
- On Futility of Dead Packet Storage
- Processes for Network Forensics
- Use Cases for Network Forensics Tools
- Network Forensics Defined?
- From IPs to TTPs
- Consumption of Shared Security Data
- On Trust in Security Data Sharing
- On Security Data Sharing Research
- On Security Data Sharing
- More on DoS and Shared Security
- My Coverage Areas Reminder
- Bye-bye, Compliance Thinking. Welcome, Military Thinking!
- 9 Reasons Why Building A Big Data Security Analytics Tool Is Like Building a Flying Car
- On Being An Analyst or WHO Are We Hiring?
- Verizon DBIR 2013 Highlights and Favorites
Also see my past monthly and annual “Top Popular Blog Posts” – 2007, 2008, 2009, 2010, 2011, 2012.
Disclaimer: all content at SecurityWarrior blog was written before I joined Gartner on Aug 1, 2011 and is solely my personal view at the time of writing. For my current security blogging, go here.
Previous post in this endless series: