BH2020 Subscribe

Incident Response, Threat Management

Threat Hunting Platforms vs. SIEM, What’s the Difference? – Corey Thuen – BH20 #2

August 4, 2020

What use cases are addressed by Threat Hunting Platforms and SIEMs? Where is the overlap and where are the differences? This talk covers the high level and low-level tech that drives these differences.

This segment is sponsored by Gravwell.

Visit https://securityweekly.com/gravwell to learn more about them!

Gravwell is a threat hunting platform built for ingest and search of logs and binary data sources at scale. To learn more, visit: https://www.gravwell.io/summercamp2020

Sponsored By

Gravwell

Full episode and show notes

Guest

Corey Thuen

Co-Founder at Gravwell

Corey Thuen is a founder of Gravwell and has spent over a decade doing cybersecurity at places like Department of Energy national labs, Digital Bond, and IOActive. That experience is now driving development of a full-stack analytics platform built to alleviate pain points he personally experienced from inflexible tools.

Host

Paul Asadoorian

Principal Security Evangelist at Eclypsium

https://securitypodcaster.com

Related

Managed Services

From Hackers to Streakers – How Counterintelligence Teams are Protecting the NFL – Joe McMann – ESW #358

April 18, 2024

Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing an professional sports team and its brand is a cybersecurity challenge on a whole different level. In this interview, we'll talk to Joe McMann ...

Tips for a Successful Cyber Resilience Program – Olusegun Opeyemi-Ajayi – CSP #169

April 9, 2024

The cybersecurity threat landscape is constantly evolving, and experience has shown that everyone and every organization is prone to being breached. How do you prepare for what seems inevitable? You assume breach and plan accordingly. Cyber resilience has become a top priority as organizations figure out how to build a network that can either conti...

Incident Response

What can we do today to prevent tomorrow’s breach? – Michael Mumcuoglu – ESW #352

March 7, 2024

Defenders spend a lot of time and money procuring and implementing security controls. At the heart of SecOps and the SOC are technologies like XDR, SIEM, and SOAR. How do we know these technologies are going to detect or prevent attacks? Wait for the annual pen test? Probably not a good idea. In this segment, we'll talk with Michael Mumcuoglu ab...