The Curse of the Medium-Priority Alert
What comes back to bite us when we stop looking?
Seth Goldhammer, Dec 15, 2020

Why Log Analysis is Still Our Primary Security Investigation Tool
It started with a moderately prioritized SIEM alert triggered by the firewall allowing external traffic right after the Intrusion…
Seth Goldhammer, Dec 1, 2020

Why Security Analytics Should Start With the End in Mind
While many organizations collect data to ‘see what they get’, successful implementations take an analytics first approach
Seth Goldhammer, Nov 10, 2020

Four Steps for Faster Security Alert Triage
Discover how to use your existing controls to consolidate alerts and tune severity scores to respond to the highest probability of active…
Seth Goldhammer, Sep 22, 2020

Cybersecurity is Like Playing Dungeons & Dragons
How our security operations mirror the fantasy tabletop role-playing game
Seth Goldhammer, Sep 8, 2020

Why Security Analysts Don’t Trust Alerts
Think about what it means to be a security analyst. Do you have a picture in mind? The variety is amazing. Some work in mature security…
Seth Goldhammer, Aug 26, 2020

Three Impediments to Cybersecurity Operations
Why is Ground Truth so critical for cybersecurity operations?
Seth Goldhammer, Aug 7, 2020