- “Donn Parker’s “Risks of Risk-Based Security” Summarized”, an old blog post from 2009, somehow made it to my top list this month. A mystery!
- “Simple Log Review Checklist Released!” is often at the top of this list – the checklist is still a very useful tool for many people. “On Free Log Management Tools” is a companion to the checklist (updated version)
- “New SIEM Whitepaper on Use Cases In-Depth OUT!” (dated 2010) presents a whitepaper on select SIEM use cases described in depth with rules and reports [using now-defunct SIEM product]; also see this SIEM use case in depth and this for a more current list of popular SIEM use cases.
- My classic PCI DSS Log Review series is always popular! The series of 18 posts cover a comprehensive log review approach (OK for PCI DSS 3.0 as well), useful for building log review processes and procedures , whether regulatory or not. It is also described in more detail in our Log Management book and mentioned in our PCI book (just out in its 4th edition!)
- “Top 10 Criteria for a SIEM?” came from one of my last projects I did when running my SIEM consulting firm in 2009-2011 (for my recent work on evaluating SIEM, see this document)
In addition, I’d like to draw your attention to a few recent posts from my Gartner blog:
Current research on MSSP:
- MSSP Client Onboarding – A Critical Process!
- MSSP: Integrate, NOT Outsource!
- On MSSP Personnel
- On MSSP SLAs
- Acting on MSSP Alerts
- MSSP Client Responsibilities – What Are They?
- Find Security That Outsources Badly!
- Challenges with MSSPs?
- How To Work With An MSSP Effectively?
Miscellaneous fun posts:
- Why No Security Analytics Market?
- On “Defender’s Advantage”
- Security Essentials? Basics? Fundamentals? Bare Minimum?
(see all my published Gartner research here)
Previous post in this endless series: