Tag: Security

  • Prioritizing Vulnerability Findings

    Most shops are small. Small shops as a rule (there are exceptions!) do not dedicate resources to security, and that represents risks to big shops that depend on those small shops. Big shops don’t like risk, so we have compliance baselines. Big shops usually have lots of dedicated security people…

  • SIEM’s not Dead, It’s Only Disrupted

    The old SIEM vision was “put everything in one hot pile and index the hell out of it and then run out of the box content over it so you can pivot from known to unknown questions smoothly”… which sounds lovely until you have to pay for it. In that…

  • Sorting Alerts

    Ah, the new year! February begins the new fiscal for many organizations, and it’s a fine time for resolutions and spring cleaning. You know, fun stuff like dumping recurring meetings, washing the windows, tech debt hackathons, or rearranging the living room. Here’s a fun spring cleaning activity to consider: review,…

  • Entropy Gonna Get Your Data

    Here’s some followup to my Norton’s Law post — Quinn Norton explained “The main thing I’d add, and I should revisit this, is that it’s an expression of not too complex information theory/physics in our current data landscape: information, in all its glorious forms, requires energy, and if it doesn’t…

  • Security Dependencies

    It sucks that this happened. It sucks that there are wildfires too, but we’re too late to change the causes so we live and sometimes die with the results. As with smoky skies and the occasional torching of a community, so with annoying security products and the occasional loss of…

  • Book Review: Security Chaos Engineering

    Excellent book, introduction helpfully posted here. I’ve read a goodly number of information security books; there’s a weird (good weird) feeling to this one. Obviously some of that is from Kelly Shortridge’s (and Aaron Rinehart’s?) eclectic interests: a recipe for Mexican hot chocolate is used as a process mnemonic, for…

  • Why is Getting Data In hard?

    Maybe first we should ask why people say it’s hard. After all, this shiny modern world is full of one-liners to install agents, hook in libraries, listen to your provider’s pub-sub, or just post stuff at an endpoint. It’s never been easier to get data, and it’s not like writing…

  • Norton’s Law

    There’s a great xkcd about the 10,000 people hearing about a thing for the first time today... so perhaps today is your day for hearing about Norton’s Law. In 2015, Quinn Norton wrote Norton’s Law in Hello, Future Pastebin Readers. To wit: over time, all data approaches deleted, or public.…

  • Task Scheduling and Slippage

    Enterprise systems have a lot of things that need to happen. If they all happen at the same time, you’ll either overload your constrained resources or overload the budget attached to your elastic resources. Plus, some of these things are supposed to occur at a specific time, and others should…

  • Help Net Security Observability video

    How Security Observability can help you fight cyber attacks