Today we take a look at some tools that provide "Detection Posture Management", which is the fanciest way I found to describe it. These tools provide content for SIEMS, a Management Platform, data validation, and make SIEM engineering easier. We take a look at three vendors, do some comparison and contrasting, and discuss the overall capabilities of these tools.
Vendor 1 - Cardinal Ops
Vendor 2 - SOC Prime
Vendor 3 - Anvilogic
Supporting Links:
Hype Cycle for Security Operations, 2023
Can We Have “Detection as Code”?
Detection as Code: How To Embed Threat Detection into Code
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!
This week we discuss the shocking new revelation of ORB networks! Oh wait, it's just a rebrand. Still, kind of interesting. Then we talk...
In this episode, we deep dive into two articles, linked below:Half of Q1's malware traffic observed by Sophos was TLS encrypted, hiding inside legit...
A report! A new report, in the torrents of blog posts and reports released by security companies! A boring report :( We discuss the...
