AI vs. ML: Anomaly Detection

Guest:

• David Swift, Security Strategist at Netenrich

Topics:

• Which old Security Information and Event Management (SIEM) lessons apply today?

• Which old SIEM lessons absolutely do not apply today and will harm you?

• What are the benefits and costs of SIEM in 2023?

• What are the top cloud security use cases for SIEM in 2023?

• What are your favorite challenges with SIEM in 2023 special in the cloud? Are they different from, say, 2013 or perhaps 2003?

• Do you think SIEM can ever die?  

Resources:

• Live video (LinkedIn, YouTube)

• “Debating SIEM in 2023, Part 1” and  “Debating SIEM in 2023, Part 2” blogs

• “Detection as Code? No, Detection as COOKING!” blog

• “A Process for Continuous Security Improvement Using Log Analysis” (old but good)

• “UEBA, It's Just a Use Case” blog

• “Situational Awareness Is Key to Faster, Better Threat Detection” blog and other SIEM reading

• MITRE 15 detection techniques paper