EP125 Will SIEM Ever Die: SIEM Lessons from the Past for the Future
Cloud Security Podcast by Google
00:00
The Importance of a UI Rule
The way Anton talks about this stuff, sometimes you'd think that he was writing his first rules on punch cards. I would say depending on a sim to detect a specific known threat, you're going to waste a ton of time and create false positives. If we could detect X and block it, we'd put it in an IDS signature. It's not a sim rule. So other any lessons, any old sim lessons that just do not apply today. And if you follow them, you would harm yourself.
Play episode from 08:10
Transcript
