Information security #InfoSec - #SIEM, #DFIR, #EDR ... formerly VP & Distinguished Analyst at Gartner! Now doing security product strategy @Google #Cloud
Oct 2, 2020 • 5 tweets • 1 min read
So, I was trying to summarize my thoughts on why THREAT #DETECTION is hard (1/m)
Naturally, first a quip on "well, the attackers don't want to be detected" came to my mind ... (2/m)
Sep 23, 2020 • 4 tweets • 1 min read
Why can't we have "blameless post-mortems" in security? #question
To me, however, this does NOT mean that gross incompetence should not be found, blamed and punished. Just that the post-mortem analysis process needs to be run blamelessly (am I off here?)
Aug 20, 2020 • 7 tweets • 1 min read
A minor bit of "analyst to vendor" self-psycho-analysis via Twitter (1/n)
So, when I was an analyst I developed a slight allergy to vendors saying "security control X is not enough" (2/n)