
Cloud Security Podcast by Google
EP184 One Week SIEM Migration: Fact or Fiction?
Aug 5, 2024
Manan Doshi, a Senior Security Engineer at Etsy, shares insights on the challenges of migrating to a new SIEM platform. He discusses key hurdles organizations face and debunks myths surrounding flawed tools, emphasizing the importance of processes. Manan reveals the exciting prospect of completing a SIEM migration in just one week and explores the role of AI and 'Detection as Code' in enhancing detection logic. His focus on community insights and strategic planning highlights how a strong engineering culture can transform security operations.
24:45
Podcast summary created with Snipd AI
Quick takeaways
- Organizations should prioritize simplicity over extensive feature sets during SIEM migrations to improve efficiency and reduce complications.
- Implementing 'Detection as Code' enhances collaboration and control over security detection processes, leading to more effective migration outcomes.
Deep dives
Lessons from SIEM Migration Challenges
Organizations often face significant challenges when undergoing SIEM migrations, a common experience highlighted by a senior security engineer. After completing three migrations, the engineer found that an overwhelming focus on numerous evaluation criteria could lead to complications and inefficient choices. Instead, he recommended a shift towards simplicity, focusing primarily on essential functionality such as searching and detection writing rather than an exhaustive list of features. This realization emphasizes that older, feature-rich tools may not provide the necessary value, and suggests that keeping the approach simple can streamline the transition process.