Here is my next monthly "Security Warrior" blog round-up of top 5 popular posts/topics this month:
- “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version, and, yes, I know it really needs another update)
- My classic PCI DSS Log Review series is popular as well. The outlined log review approach is useful for building other types of log review processes and procedures, whether regulatory or not.
- “On Choosing SIEM” is another old classic (from 2010) that shows up on my top list; it covers some tips on choosing SIEM tools.
- “Top 10 Criteria for a SIEM?” came from one of my last projects I did when running my SIEM consulting firm in 2009-2011.
- “SIEM Bloggables” covers a few high-level SIEM use cases and my view (at the time) of key SIEM functions.
Current network forensics research:
- DLP: Education and/or Automation?
- More On Internal Data Loss Incidents
- On “Internally Lost Data” and DLP Discovery
- On Risks of DLP
- DLP and Data Classification
- DLP: Discover First or Monitor First?
- On DLP and PCI DSS
- On DLP and IP Theft
- DLP and/or/for/vs Data Security
- On DLP Processes or “No DLP For Dummies”
- On DLP Research
Disclaimer: all content at SecurityWarrior blog was written before I joined Gartner on Aug 1, 2011 and is solely my personal view at the time of writing. For my current security blogging, go here.
Previous post in this endless series: