Anton’s Security Blog Quarterly Q4 2022
Published in
3 min readNov 7, 2022
Great blog posts are sometimes hard to find (especially on Medium), so I decided to do a periodic list blog with my favorite posts of the past quarter or so.
Here is the next one. The posts below are ranked by lifetime views. This covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast too (subscribe).
Top 5 most popular posts of all times (these ended up being the same as last quarter):
- “Security Correlation Then and Now: A Sad Truth About SIEM”
- “Can We Have “Detection as Code”?”
- “New Paper: “Future of the SOC: SOC People — Skills, Not Tiers””
- “New Paper: “Future of the SOC: Forces shaping modern security operations””
- “Beware: Clown-grade SOCs Still Abound”
Top 5 posts with the most Medium fans (these are also the same as last quarter):
- “Security Correlation Then and Now: A Sad Truth About SIEM”
- “Beware: Clown-grade SOCs Still Abound”
- “Can We Have “Detection as Code”?”
- “Why Is Threat Detection Hard?”
- “Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…”
Top 5 Cloud Security Podcast by Google episodes:
- Episode 1“Confidentially Speaking”
- Episode 2 “Data Security in the Cloud”
- EP47 “Megatrends, Macro-changes, Microservices, Oh My! Changes in 2022 and Beyond in Cloud Security”
- Episode 3 Automate and/or Die?
- EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil
Random fun new posts:
- ”Why Your Security Data Lake Project Will … Well, Actually …”
- “Detection as Code? No, DETECTION AS COOKING”
- ”On Trust and Transparency in Detection”
Now, fun posts by topic.
Security operations / detection & response:
- “Security Correlation Then and Now: A Sad Truth About SIEM”
- “Achieving Autonomic Security Operations: Why metrics matter (but not how you think)” [GCP blog]
- “Can We Have “Detection as Code”?”
- “New Paper: “Future of the SOC: SOC People — Skills, Not Tiers””
- “New Paper: “Future of the SOC: Forces shaping modern security operations””
- “Beware: Clown-grade SOCs Still Abound”
- “Revisiting the Visibility Triad for 2020”
- “Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…”
- “Why is Threat Detection Hard?”
- “A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next”
- ”Top 10 SIEM Log Sources in Real Life?”
Data security:
- “How autonomic data security can help define cloud’s future” [GCP blog]
- “New whitepaper: Designing and deploying a data security strategy with Google Cloud” [GCP Blog]
- “The cloud trust paradox: To trust cloud computing more, you need the ability to trust it less” [GCP Blog]
- “The cloud trust paradox: 3 scenarios where keeping encryption keys off the cloud may be necessary” [GCP Blog]
- “Best kept security secrets: How Cloud EKM can help resolve the cloud trust paradox” [GCP blog]
- “Data Security and Threat Models”
- “Lost in translation: encryption, key management, and real security” [GCP Blog]
- “Musings on Modern Data Security”
Cloud security:
- “How CISOs need to adapt their mental models for cloud security” [GCP blog]
- “How to think about threat detection in the cloud” [GCP blog]
- “Who Does What In Cloud Threat Detection?”
- “A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next”
- “Where Does Shared Responsibility Model for Security Breaks in the Real World?”
- “Best Kept Security Secrets: Tap into the power of Organization Policy Service” [GCP blog]
- “Cloud Migration Security Woes”
- “Move to Cloud: A Chance to Finally Transform Security?”
- “Is Your Fate In the Cloud?”
Enjoy!
Previous posts in this series:
- Anton’s Security Blog Quarterly Q3 2022
- Anton’s Security Blog Quarterly Q2 2022
- Anton’s Security Blog Quarterly Q1 2022
- Anton’s Security Blog Quarterly Q4 2021
- Anton’s Security Blog Quarterly Q3 2021
- Anton’s Security Blog Quarterly Q2 2021
- Anton’s Security Blog Quarterly Q1 2021
- Anton’s Security Blog Quarterly Q3.5 2020
