Down With SIEM, Long Live SOAR! – Nathan Hunstad – ESW #229
SIEM tools have been the bedrock of Security Operations Centers, or SOCs, for much of the history of modern security. That does not mean that they are loved: most SIEM tools are overwrought, complex, and hard to manage. In the past few years a new category of tool has emerged: SOAR. While many teams that invest in SOAR platforms are first leveraging them for automation, Code42 Principal Security Engineer & Researcher Nathan Hunstad believes that SOAR tools are also poised to finally displace SIEM at the top of the blue team tool pyramid, and rightly so.
This segment is sponsored by Code42.
Visit https://securityweekly.com/code42 to learn more about them!
Nathan Hunstad is the Principal Security Research and Engineer at Code42 and focuses on automation, logging infrastructure, and threat analysis. He has over 10 years of security experience in numerous roles in both the public and private sectors, including Security Operations, Threat and Vulnerability Management, Risk Assessment and Management, Cyber Intelligence, and Threat Hunting. He has a Master of Science in Security Technologies from the University of Minnesota.