Here is my annual "Security Warrior" blog round-up of top 10 popular posts/topics in 2011. This list covers the posts most popular in 2011, not necessarily only those written in 2011.
Disclaimer: all this content was written before I joined Gartner on Aug 1, 2011 and is solely my personal view at the time of writing. For my current security blogging, go here.
- “Simple Log Review Checklist Released!” was again the most popular this year. The checklist is a list of critical things to look for while reviewing system, network and security logs when responding to a security incident.
- The PCI DSS Log Review series of posts takes the #2 spot; it covers planning and executing PCI DSS-driven log review at an organization.
- “On Free Log Management Tools” is another perma-popular post, presenting a companion resource to the log checklist above.
- “On Choosing SIEM” is about the least wrong way of choosing a SIEM tool – as well as why the right way is so unpopular.
- “Log Management at $0 and 1hr/week?” is pretty much what the title says: how to do log management under extreme budget AND time constraints.
- “Top 10 Criteria for a SIEM?” is an EXAMPLE list of criteria for choosing a SIEM.
- “SIEM Resourcing or How Much the Friggin’ Thing Would REALLY Cost Me?” is a quick approach to planning SIEM costs.
- A humorous post “Top 10 Things Your Log Management Vendor Won't Tell You”
- A 2009 post called “Log Management + SIEM = ?” gives some quick architecture advice on combining SIEM and log management.
- Finally, “The Last Blog Post!” also made the top 10 list – it announced my departure from consulting (and blogging) in order to join Gartner.
Also see my past monthly and annual “Top Posts” – 2007, 2008, 2009, 2010.