Neil Desai, a product strategist at Graylog with extensive experience in building SOCs and SIEMs, joins the conversation alongside Jeff Karens, a principal analyst at Forrester. They dive deep into the critical elements of setting up a successful SIEM, from ensuring the correct logs are enabled to the importance of cross-department collaboration. They also explore the cutting-edge trends in identity and access management, including the challenges of deepfake detection and advancements in zero trust strategies, all while sharing anecdotes that lighten the heavy tech talk.
01:58:15
forum Ask episode
web_stories AI Snips
view_agenda Chapters
menu_book Books
auto_awesome Transcript
info_circle Episode notes
volunteer_activism ADVICE
Collaborate for Successful SIEM
Engage stakeholders in understanding log environment before SIEM deployment.
Collaborate with sysadmins to verify logging configurations and build trust by giving access back to them.
volunteer_activism ADVICE
Verify SIEM Purpose and Data
Understand the problem your SIEM is solving before buying or deploying it.
Verify what logs are coming in regularly to ensure accurate detection and alerting.
volunteer_activism ADVICE
Implement a Logging Policy
Create and get sign-off on a clear logging policy covering log content and retention.
Use this policy to guide configuration and auditing of log sources consistently.
Get the Snipd Podcast app to discover more snips from this episode
In 'Bullshit Jobs: A Theory', David Graeber argues that a significant portion of jobs in modern society are meaningless and contribute little to no value. He categorizes these jobs into five types: flunkies, goons, duct tapers, box tickers, and taskmasters. Graeber contends that these jobs are not only inefficient but also psychologically destructive, leading to chronic misery and social divisions. The book is based on his 2013 essay 'On the Phenomenon of Bullshit Jobs' and includes testimonials from workers who feel their jobs are pointless. Graeber suggests solutions such as unions and universal basic income to address the issue of meaningless work.
The Phoenix project
Lambeth London Borough Council
In this novel, Gene Kim, Kevin Behr, and George Spafford tell the story of Bill, an IT manager at Parts Unlimited, who is tasked with turning around the company's failing IT department. The book delves into the challenges of IT management, the importance of DevOps practices, and how these practices can lead to significant improvements in efficiency, reliability, and customer satisfaction.
Smarter Faster Better
The Secrets of Being Productive in Life and Business
Charles Duhigg
In 'Smarter Faster Better', Charles Duhigg explores the science of productivity through eight key concepts, including motivation, goal setting, focus, and decision making. The book uses real-world examples from various fields such as the Marine Corps, Google, and Disney to illustrate how productive individuals and organizations view the world and make choices differently. Duhigg combines neuroscience, psychology, and behavioral economics to provide practical advice on how to become more effective and in control of one's life and work.
A successful SIEM deployment depends on a lot more than implementing the SIEM correctly. So many other things in your environment have an impact on your chances of a successful SIEM.
Are the right logs enabled?
Is your EDR working correctly?
Would you notice a sudden increase or decrease in events from critical sources?
What can practitioners do to ensure the success of their SIEM deployment?
In this interview, we feature some research from Geoff Cairns, an analyst at Forrester Research. This is a preview to the talk he'll be giving at Identiverse 2025 in a few months.
We won't have time to cover all the trends, but there are several here that I'm excited to discuss!
Enterprise Security Weekly (Audio) 
