This Is Not Your Grandfather's SIEM

Explore the evolution and complexities of modern Security Information and Event Management (SIEM) systems in this 50-minute conference talk by Carson Zimmerman. Delve into the changing landscape of CSOC (Cybersecurity Operations Center) analytics platforms, from the early days of single-product solutions to today's diverse and sophisticated systems. Learn about key design considerations and opportunities in implementing and evolving a state-of-the-art CSOC analytic platform. Gain insights into critical tasks such as normalization, near-real-time correlation, analyst triage, pivot, and workflow. Benefit from Zimmerman's extensive experience in CSOC roles, including his work as a CSOC engineering team lead at Microsoft and his authorship of "Ten Strategies of a World-Class Cybersecurity Operations Center."

This Is Not Your Grandfather's SIEM - Carson Zimmerman