Today we take a look at some tools that provide "Detection Posture Management", which is the fanciest way I found to describe it. These tools provide content for SIEMS, a Management Platform, data validation, and make SIEM engineering easier. We take a look at three vendors, do some comparison and contrasting, and discuss the overall capabilities of these tools.
Vendor 1 - Cardinal Ops
Vendor 2 - SOC Prime
Vendor 3 - Anvilogic
Supporting Links:
Hype Cycle for Security Operations, 2023
Can We Have “Detection as Code”?
Detection as Code: How To Embed Threat Detection into Code
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!
In this episode, we review Lloyd's recent announcement on not covering state sponsored attacks, an article from Anton Chuvakin on SOC technology fails, and...
In this episode, we discuss Ransomware affecting ships and 3rd party service organizations, new cyberinsurance requirements around MFA and service account, supply chain woes,...
In this episode we discuss everyone's most favorite of topics, Vulnerability Management! Supporting Links:What is Vulnerability Management and Scanning?Why there are at least 6,000...
