SS-SUBJ-125: Detection Posture Management

Episode 125 September 12, 2023 00:32:26
SS-SUBJ-125: Detection Posture Management
Security Serengeti
SS-SUBJ-125: Detection Posture Management

Sep 12 2023 | 00:32:26

/

Show Notes

Today we take a look at some tools that provide "Detection Posture Management", which is the fanciest way I found to describe it.  These tools provide content for SIEMS, a Management Platform, data validation, and make SIEM engineering easier.  We take a look at three vendors, do some comparison and contrasting, and discuss the overall capabilities of these tools.

Vendor 1 - Cardinal Ops

Vendor 2 - SOC Prime

Vendor 3 - Anvilogic

Supporting Links:
Hype Cycle for Security Operations, 2023
Can We Have “Detection as Code”?
Detection as Code: How To Embed Threat Detection into Code

If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

Other Episodes

Episode 18

July 11, 2021 00:45:40
Episode Cover

SS-NEWS-018: Kaseya and Lawyers in charge of IR?

In this week's episode, we discuss Kaseya because we really have to.  Then we talk lawyers and IR again, and discover most everyone seems...

Listen

Episode 90

December 19, 2022 00:36:08
Episode Cover

SS-NEWS-090: Infragard hacked!

This was a pretty boring news week.  ChatGPT took up all the air, so we tried it out to see if it could podcast...

Listen

Episode 40

December 19, 2021 00:49:44
Episode Cover

SS-NEWS-40: No Insurance Payout for State Sponsored Attacks

In this episode, we review Lloyd's recent announcement on not covering state sponsored attacks, an article from Anton Chuvakin on SOC technology fails, and...

Listen