Heyo! I'm David, a Cloud Threat Detection specialist with about 14 years of enterprise IT experience, and I have built out a few security monitoring programs at various Managed Security Service Providers. Through the years, I've always felt that too many topics within the information security realm had few guides on how to actually implement the various programs involved.
While that is definitely starting to change, I thought I'd write about some of the things I wish I knew along the way as well as some of the lessons learned through building said security monitoring programs.
Certifications
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Python Coder (GPYC)
- GIAC Certified Enterprise Defender (GCED)
- GIAC Certified Threat Intelligence (GCTI)
- CCNA Cyber Operations
- Applied Network Defense Bro/Zeek Scripting
- Various others...
Whitepapers
Detectors as Code
The Challenge of Detector Management: Security operations and monitoring teams face a variety of challenges: the rapid evolution of adversarial tradecraft, poor detector documentation, lack of detector version control, poor detection methodology, lack of testing procedures, and change control proce…
