Friday, September 03, 2010

Monthly Blog Round-Up – August 2010

Blogs are "stateless" and people often pay attention only to what they see today. Thus a lot of useful security reading material gets lost.  These monthly round-ups is my way of reminding people about interesting blog content. If you are “too busy to read the blogs,” at least read these.
So, here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month.
  1. My super-rant about log analysis “Pathetic Analytics Epiphany!” has shot to the top like a pig kicked up in the ass by an irate giant. It is about how after looking at logs for so many years, we still use primitive approaches and primitive tools.
  2. Not surprisingly, my belated reading of the Verizon Breach Reports 2010 (“Verizon Breach Report 2010 OUT!”) is in my Top5. VzDBIR is pure awesomeness, as always!
  3. Updated With Community Feedback SANS Top 7 Essential Log Reports DRAFT2”, “SANS Top 5 Essential Log Reports Update!” and their predecessor  “Top5 SANS Log Reports Update DRAFT” finally beat the previous champion of a few months “Simple Log Review Checklist Released!” Now I just need to document all the chosen favorite reports and submit it for community release.
  4. Career posts always get top scores automatically and “Skills for Work vs Skills for Getting Hired” is no exception. Just as its predecessor, “Myth of an Expert Generalist”, it got on my monthly Top 5 posts immediately, was featured on Reddit.com, etc, etc. The next career post is coming soon…don’t despair :-)
  5. News of sinking SIEM and log management vendors alluded to in “To Those Escaping from Sinking SIEM/Log Management Vendors” somehow made it to the top. Maybe links to SIEM jobs did it?
  6. How Do I Get The Best SIEM?”, a companion to “On Choosing SIEM“, went to the top like lighting a few months ago and stayed there this month as well. If you are thinking of getting a SIEM or a log management tool, check them out and also look at related resources at the end of these posts.  “The Myth of SIEM as “An Analyst-in-the-box” or How NOT to Pick a SIEM-II?” and ““I Want to Buy Correlation” or How NOT to Pick a SIEM?” also stay at the top – it seems like smaller organizations are looking at deploying SIEM and log management and there is a lot of interest in simple guidance on this.
Also, below I am thanking my top 5 referrers this month (those who are people, not organizations). So, thanks a lot to the following people whose blogs sent the most visitors to my blog:
  1. Michał Wiczyński
  2. Raffael Marty
  3. Dancho Danchev
  4. Cédric Blancher
  5. JP Bourget
 See you in September; also see my annual “Top Posts” - 2007, 20082009!
Possibly related posts / past monthly popular blog round-ups:
Enhanced by Zemanta

Dr Anton Chuvakin