- Technology
- SEE MORE
- classical
- general
- talk
- News
- Family
- Bürgerfunk
- pop
- Islam
- soul
- jazz
- Comedy
- humor
- wissenschaft
- opera
- baroque
- gesellschaft
- theater
- Local
- alternative
- electro
- rock
- rap
- lifestyle
- Music
- como
- RNE
- ballads
- greek
- Buddhism
- deportes
- christian
- piano
- djs
- Dance
- dutch
- flamenco
- social
- hope
- christian rock
- academia
- afrique
- Business
- musique
- ελληνική-μουσική
- religion
- World radio
- Zarzuela
- travel
- World
- NFL
- media
- Art
- public
- Sports
- Gospel
- st.
- baptist
- Leisure
- Kids & Family
- musical
- club
- Culture
- Health & Fitness
- True Crime
- Fiction
- children
- Society & Culture
- TV & Film
- gold
- kunst
- música
- gay
- Natural
- a
- francais
- bach
- economics
- kultur
- evangelical
- tech
- Opinion
- Government
- gaming
- College
- technik
- History
- Jesus
- Health
- movies
- radio
- services
- Church
- podcast
- Education
- international
- Transportation
- Other
- kids
- podcasts
- philadelphia
- Noticias
- love
- sport
- Salud
- film
- and
- 4chan
- Disco
- Stories
- fashion
- Arts
- interviews
- hardstyle
- entertainment
- humour
- medieval
- literature
- alma
- Cultura
- video
- TV
- Science
- en
Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail
Podcast: Unsolicited Response Podcast (LS 30 · TOP 10% what is this?)
Episode: Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail
Pub date: 2021-01-19
Dale and Corey discuss the value of a normalized, taxonomized approach to SIEM, which Dr. Anton Chuvakin has famously claimed is doom to fail. Corey is sympathetic to this view and tries to explain it to Dale.
The alternative is gathering and creating a data lake with more log data and pcaps that can be used by threat hunters and customized rules.
The conversation continues with what types of integration would be helpful between the OT detection products and whatever is used for organization wide detection and response, the packet encryption challenge, and the preference to just buy a product.
You can submit your audio question on this episode or other OT and ICS Security topics to the show by going to dale-peterson.com and clicking on "Record Your Question".
The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.