Monday, April 04, 2011

Monthly Blog Round-Up – March 2011

Blogs are "stateless" and people often pay attention only to what they see today. Thus a lot of useful security reading material gets lost.  These monthly round-ups is my way of reminding people about interesting and useful blog content. If you are “too busy to read the blogs,” at least read these.

So, here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month.

  1. My PCI DSS log review procedures that I created for a consulting client and posted on the blog (sanitized, of course!)  took THE top spot again: the first post “Complete PCI DSS Log Review Procedures, Part 1” and the whole series “PCI_Log_Review” would be useful to most large organizations  under PCI DSS (as well as other regulated organization that are looking to create a structure log review policies, procedures and process)
  2. SIEM Resourcing or How Much the Friggin’ Thing Would REALLY Cost Me?” is a new post about figuring out the costs of your SIEM/SIM/SEM implementation – it became an instant favorite and took the next top5 spot in March.
  3. The next is “Log Forensics and “Original” Events” that covers the issue of ‘raw’, ‘original’ or ‘native’ log records and their use for forensics.
  4. UPDATED Free Log Management Tools” is next; it is a repost of my free log tools list to the blog. I repost it every time after an update.
  5. Finally, my RSA 2011 notes (“RSA 2011 Conference Notes”) also are in the top list.
  6. Simple Log Review Checklist Released!” is still one of the most popular posts on my blog. Grab the log review checklist here, if you have not done so already. It is perfect to hand out to junior sysadmins who are just starting up with logs.

Also, as a tradition, I am thanking my top 3 referrers this month (those who are people, not organizations). So, thanks a lot to the following people whose blogs sent the most visitors to my blog:

  1. Anonymous “PCI Guru”
  2. Walt Conway
  3. D. Orlov (please let me know what “D” stands for – your blog is not exactly clear about it Smile) Also, thanks for translating my PCI DSS log review procedures into Russian….

Also see my past annual “Top Posts” - 2007, 20082009, 2010). Next, see you in April for the next monthly top list.

Possibly related posts / past monthly popular blog round-ups:

Dr Anton Chuvakin