Blogs are "stateless" and people often pay attention only to what they see today. Thus a lot of useful security reading material gets lost. These monthly round-ups are my way of reminding people about interesting and useful blog content. If you are “too busy to read the blogs,” at least read these.
So, here is my next monthly "Security Warrior" blog round-up of the top 5 popular posts/topics this month.
- “On Choosing SIEM” tops the charts this month. The post is about the least wrong way of choosing a SIEM tool – as well as why the right way is so unpopular. A related read is “SIEM Resourcing or How Much the Friggin’ Thing Would REALLY Cost Me?”; check it out as well. While reading this, also check this presentation.
- My commentary on the latest SIEM Magic Quadrant 2011 (“On SIEM MQ 2011”) is next – I not only share my insights, but also point out some unintentional hilarity in the reports.
- “What To Do When Logs Don’t Help: New Whitepaper” announces my new whitepaper (written under contract for Observe-IT) about using other means for activity review and monitoring when logs are either not available or hopelessly broken
- Also, “How to Replace a SIEM?” is on the list – it talks about a messy situation when you have to replace one SIEM/log management tool with another.
- “Simple Log Review Checklist Released!” is still one of the most popular posts on my blog. Grab the log review checklist here, if you have not done so already. It is perfect to hand out to junior sysadmins who are just starting up with logs. A related “UPDATED Free Log Management Tools” is also still on top - it is a repost of my free log tools list to the blog.
Also, as a tradition, I am thanking my top 3 referrers this month (those who are people, not organizations). So, thanks a lot to the following people whose blogs sent the most visitors to my blog:
Possibly related posts / past monthly popular blog round-ups: