Episode 75 - Where are My Logs at? Rethinking Loggin in 2023

12/21/22 • 49 min

In this the 3rd annual holiday fundraiser podcast episode, I talk with Kam Amir and Brenden Morgenthaler about what enterprise logging will look like in 2023. Kam is the Director of Technical Alliances for Cribl. Brenden is an Enterprise Architect for CDW.

Talking Points:

Kam has developed a formula for getting the most value from your setup using the three 'Vs':

Variety
Value
Velocity

This allows for you to get more freedom to get valuable data into your platform.

Brenden talks to real life uses cases like:

Grouping Meta Data for things like charge back,
How do you setup threshold rules to help with crashing clusters
Auditing Kerberos events issue

Podcast Sponsors:

This holiday event raised funds for 3 great causes:

Many thanks to Cribl, CDW and Custom Business Solutions for helping us raise over $1,000 for charity!

Talking Points:

Kam has developed a formula for getting the most value from your setup using the three 'Vs':

Variety
Value
Velocity

This allows for you to get more freedom to get valuable data into your platform.

Brenden talks to real life uses cases like:

Grouping Meta Data for things like charge back,
How do you setup threshold rules to help with crashing clusters
Auditing Kerberos events issue

Podcast Sponsors:

This holiday event raised funds for 3 great causes:

Many thanks to Cribl, CDW and Custom Business Solutions for helping us raise over $1,000 for charity!

Previous Episode

Episode 74 - Let's Talk Advanced Email Security

In this episode I have a 1 on 1 conversation with the one and only Brian 'Schneebs' Schneble about Advanced Email Security. Brian is a Senior Enterprise Account Executive for Abnormal Security. Brian is not only an active member of the Michigan cybersecurity community but he has extensive knowledge of the automotive industry.

Talking Points:

In a break from the traditional talking points, for this episode we break down a real world use case where a company was hit by a very creative 'double whammy'. Both a compromised email account and a look-a-like domain were used in this attack.

Brian and I walk through what happened, how it could happen and how you can do things to avoid this in your company.

Compromised Email Accounts
How Malicious Actors 'Learn' Your Workflows
Look Alike Domains
Defensive Domains
DMARC

This was a highly informative episode and don't mind the state of security talk about the beginning. Listen/View the whole episode, as it will definitely be worth spending your time on!

Podcast Sponsor:

This episode is sponsored by Abnormal Security. Abnormal Security is an Email Security Solutions provider that is known for using Machine Learning to detect non-traditional email attacks. Parts of the proceeds from this sponsorship will be going towards a 2023 InfoSec scholarship at my alma matter Grand Rapids Community College.

Next Episode

Episode 76 - Why Your Business Needs Data Visualization

In this episode I had a chance to talk to Lisa Jones-Huff about the importance of data visualization and how it can help both security AND the business. Lisa is the Senior Director of Global Security Specialists for Elastic.

Talking Points:

Some basic steps for understanding how to interpret your data:

What is the very first thing you should do on your data visualization journey?
What type of data do you have?
What is the value of that data?
What types of use cases provide the most 'Combined Value'?
How can Graph can help tell the story in a detail that a 'regular' person can understand?

Episode Sponsor:

This episode is sponsored by Elastic. Elastic is a multi-faceted business and security solutions company based out of Mountain View California. Part of the sponsor ship fee will be going to raise money for the Autism Alliance of Michigan.