Wednesday, March 03, 2010

Monthly Blog Round-Up – February 2010

As we all know, blogs are a bit "stateless" and a lot of useful security reading material gets lost since many people, sadly, only pay attention to what they see today. These monthly round-ups is my attempt to remind people of useful content from the past month! If you are “too busy to read the blogs,” at least read these.

So, here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics.

  1. Our  PCI DSS panel at ShmooCon (“ShmooCon 2010 – Our PCI DSS Panel”) was very interesting and justifiably took the #1 spot this month. That controversial video has been released [[FLV]. Other ShmooCon notes are in the post called “ShmooCon 2010 – Show Notes
  2. Progressing from logging to log management to log monitoring discussion in “Logging, Log Management and Log Review Maturity” took the next spot. It presents a maturity scale for organization selecting log management or SIEM.
  3. Open source SIEM theme continues to drive a lot of traffic (namely “Short Observation on Open Source SIEM”) – it looks like folks are still desperately googling for it. “Why No Open Source SIEM, EVER?” post takes the spot in Top5 this month again. The older inspiration for this post is “On Open Source in SIEM and Log Management.”  While you are reading up on SIEM , check out the post called “SIEM Bloggables” with key SIEM use cases.
  4. The announcement about the release of Security Scoreboard was next – ““Security Scoreboard” Out!”. Think of Security Scoreboard as of Zagat or, better,Yelp for security products.
  5. A completely humorous post about Advanced Persistent Threat (APT) called “Top Nine Reasons How PCI Is Like APT” (humor! humor! humor! – don’t respond to it seriously!) took the final spot in February Top5.

This month I am continuing a new tradition: I am going to thank my top 5 referrers this month (those that are actual humans, that is). So, thanks a lot to the following people whose blogs sent the most visitors to my blog:

  1. Walt Conway
  2. Dancho Danchev
  3. Chris Hoff
  4. Alexey Babenko (in Russian)
  5. Richard Bejtlich
  6. Paul Melson.

Thank you for all the link-love!

See you in March; also see my annual “Top Posts” - 2007, 20082009!

P.S. Why am I not blogging about RSA while I am at RSA 2010? Well, I am – these posts will come next week after I recover :-)

Possibly related posts / past monthly popular blog round-ups:

Obligatory “added everywhere” posts :-)

  • I might be available for consulting projects related to logging, log management, SIEM, PCI DSS etc. Please see the services list at my consulting site.

Dr Anton Chuvakin