Tuesday, January 01, 2013

Annual Blog Round-Up – 2012

Here is my annual "Security Warrior" blog round-up of top 10 popular posts/topics in 2012.
  1. Simple Log Review Checklist Released!” was again the most popular this year. The checklist, a list of critical things to look for while reviewing  system, network and security logs when responding to a security incident
  2. PCI DSS Log Review series of posts take the #2 spot; they are about planning and executing PCI DSS-driven log review at an organization
  3. On Choosing SIEM” is about the least wrong way of choosing a SIEM tool – as well as why the right way is so unpopular.
  4. On Free Log Management Tools” is another perma-popular post, presenting a companion resource to the log checklist above
  5. Top 10 Criteria for a SIEM?” is an EXAMPLE criteria list for choosing a SIEM.
  6. Log Management at $0 and 1hr/week?” is pretty much what it is. How to do log management under extreme budget AND time constraints?
  7. Updated With Community Feedback SANS Top 7 Essential Log Reports” and an older “SANS Top 5 Essential Log Reports Update!
  8. “SIEM Bloggables” has one possible view on higher-level SIEM use cases and basic functionality, and a quick discussion of SIEM user types.
  9. “How Do I Get The Best SIEM?” is a discussion (circa 2010) about approaches to choosing SIEM tools and matching functionality to requirements.
  10. 2009 post called “Log Management + SIEM = ?” gives some quick architecture advice on combining SIEM and log management
Disclaimer: all this content was written before I joined Gartner on Aug 1, 2011 and is solely my personal view at the time of writing. For my current security blogging, go here.
Also see my past monthly and annual “Top Posts” – 2007, 2008, 2009, 2010, 2011.

Monthly Blog Round-Up – December 2012

Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month:
  1. Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version, and, yes, I know it really needs another update)
  2. Top 10 Criteria for a SIEM?” came from one of my last projects I did when running my SIEM consulting firm in 2009-2011.
  3. On Choosing SIEM” is another old classic (from 2010) that shows up on my top list; it covers some tips on  choosing SIEM tools.
  4. My classic PCI DSS Log Review series is popular as well. The approach is useful for building other types of log review processes and procedures, whether regulatory or not.
  5. “SIEM Bloggables” covers a few high-level SIEM use cases and my view (at the time) of key SIEM functions.
In addition, I’d like to draw your attention to a few posts from my Gartner blog:
Current DLP research:
Also see my past monthly and annual “Top Posts” – 2007, 2008, 2009, 2010, 2011.

Disclaimer: all content at SecurityWarrior blog was written before I joined Gartner on Aug 1, 2011 and is solely my personal view at the time of writing. For my current security blogging, go here.
Previous post in this endless series:

Dr Anton Chuvakin