Thursday, January 07, 2010

Annual Blog Round-Up – 2009

If monthly, why not an annual blog round-up? These are my most popular "Security Warrior" blog posts for 2009. This list covers the posts most popular in 2009, not necessarily only those written in 2009. Enjoy!
  1. The quest for open source SIEM continues! In fact, the TWO top posts on my blog in 2009 resulted from search queries for “open source SIEM.” They are: “Why No Open Source SIEM, EVER?” and “On Open Source in SIEM and Log Management.” BTW, all SIEM posts are tagged here.
  2. Next, we got scientific (eh..statistical :-)) proof that the Heartland Payment Systems mega-breach was The Security Event of 2009. My coverage of the Heartland saga is next on the top list: “On Heartland”, “On Heartland II”, “On Heartland III”, “On Heartland IV”, “On Heartland V”, “On Heartland VI.” BTW, what is the overall security lesson of the “HPS-gate”? Sorry, but it is “it’s OK to have a massive card data breach!”
  3. I suspect a lot of security folks do a lot of career soul searching nowadays. That is why “A Myth of An Expert Generalist” is so HOT. I suspect you already read it, but if not – go do it!
  4. It is interesting that Windows log collection is still very much an issue with many folks. That is why “Windows Log Collection Poll Analysis” is in the top for the year.
  5. “Thoughts and Notes from PCI DSS Hearing in US House of Representatives” needs no introduction or explanation why it is on the top list for 2009 :-)
  6. “Top Log FAIL!” summarizes the most egregious, reckless, painful, negligent, sad, idiotic examples of “Log FAIL.” Log management at its worst!
  7. I am not really “a rant-master”, but some of the more philosophical posts (“Smart vs Stupid: But Not Why You Think So!”) end up being very popular – this one definitely struck a chord with many people.
  8. ““Compliant” + 0wned = ?” … this post seeks to answer this “eternal” question.
  9. A champion of multiple months – AND last year! – “MUST-DO Logging for PCI?” is also on the list for the second time; the world does need more specific PCI DSS guidance. PCI DSS guidance is not “too prescriptive,” it is more often not prescriptive enough! BTW, you can hire me to help you with your logging, log architecture, log management/SIEM product selection or related product development.
  10. “Five Reasons to Dislike PCI DSS – And Why They Are WRONG!” is a fun little piece which fights the war in defense of PCI DSS.
See you in December 2010 when I will post the next annual blog round-up (see my previous annual “Top Posts” - 2007, 2008)
Possibly related posts / past monthly popular blog round-ups:
Obligatory “added everywhere” posts :-)
  • I might be available for fun consulting projects related to logging, log management, SIEM, PCI DSS, security writing, events, etc. Please see the services list at my consulting site.

Dr Anton Chuvakin