As we all know, blogs are a bit "stateless" and a lot of good content gets lost since many people, sadly, only pay attention to what they see today. These monthly round-ups is my attempt to remind people of useful content from the past month! If you are “too busy to read the blogs,” at least read these.
So, here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics.
- “Top Log FAIL!” is hot! The post summarizes the most egregious, reckless, painful, negligent, sad, idiotic examples of “Log FAIL.”
- Open source SIEM theme continues to drive a lot of traffic – it looks like folks are still desperately googling for it. “Why No Open Source SIEM, EVER?” post takes the spot in Top5 this month again. The older inspiration for this post is “On Open Source in SIEM and Log Management.”
- “MUST Read on Walmart Intrusion” includes the juicy bits from the full story at Wired. Some amazing examples of “log FAIL” are mentioned there, BTW.
- “Open Source CLOUD SIEM, Anybody?” post is where I shared some ideas on how to go about building an open source SIEM/SIM/SEM tool using cloud computing. It seems to have attracted a lot of attention. And it should have :-)
- “Compliance != Security, Does Security = Compliance?” contains some fun analysis of situations where not only “compliance != security”, but also “security != compliance.” This theme will definitely be explored in the future.
This month I am also starting a new tradition: I am going to thank my top 5 referrers this month (those that are actual humans, that is). So, thanks a lot to the following people whose blogs/resources sent most visitors to my blog:
- Dancho Danchev blog
- Dmitry Evteev blog
- Martin McKeay blog
- Kevin Riggins Infosec Ramblings blog
- Richard’s TaoSecurity blog
Thanks for all the link-love!
See you in November. Also see my annual “Top Posts” (2007, 2008)
Possibly related posts / past monthly popular blog round-ups:
- Monthly Blog Round-Up – September 2009
- Monthly Blog Round-Up – August 2009
- Monthly Blog Round-Up – July 2009
- Monthly Blog Round-Up – June 2009
- Monthly Blog Round-Up – May 2009
- Monthly Blog Round-Up – April 2009
- Monthly Blog Round-Up – March 2009
- Monthly Blog Round-Up – February 2009
- Monthly Blog Round-Up - January 2009
- Monthly Blog Round-Up - December 2008
- Monthly Blog Round-Up - November 2008
- Monthly Blog Round-Up - October 2008
- Monthly Blog Round-Up - September 2008
- Monthly Blog Round-Up - August 2008
- Monthly Blog Round-Up - July 2008
- Monthly Blog Round-Up - June 2008
- Monthly Blog Round-Up - May 2008
- Monthly Blog Round-Up - April 2008
- Monthly Blog Round-Up - March 2008
- Monthly Blog Round-Up - February 2008
- Monthly Blog Round-Up - January 2008
- Monthly Blog Round-Up - December 2007
- Monthly Blog Round-Up - November 2007
- Monthly Blog Round-Up - October 2007
- Monthly Blog Round-Up - September 2007
- Monthly Blog Round-Up - August 2007
Obligatory “added everywhere” posts :-)
- I am not at Qualys anymore and looking for the next big security idea to work on! Meanwhile, I might be available for fun consulting projects related to PCI DSS, log management, SIEM or other fun security things.