Today we take a look at some tools that provide "Detection Posture Management", which is the fanciest way I found to describe it. These tools provide detection content for SIEMs, a management platform, and data validation, and they make SIEM engineering easier. We look at three vendors, compare and contrast them, and discuss the overall capabilities of these tools.
Vendor 1 - CardinalOps
Vendor 2 - SOC Prime
Vendor 3 - Anvilogic
Supporting Links:
Hype Cycle for Security Operations, 2023
Can We Have “Detection as Code”?
Detection as Code: How To Embed Threat Detection into Code
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!
Hosted by David Schwendinger and Matthew Keener, welcome to the Security Serengeti! Please join us for our introductory episode where we take a look...