KWM - KWM

August 28, 2024

Where do your incidents come from?

How do you identity your highest severity incidents in the first place? Which data sources or products deliver the investigative leads? And which are critical to detection and response? These questions speak directly to the value of data sources, products, and functions.

What are the prevailing root causes? This speaks directly to the quality of incident management, particularly post-incident review.

I can’t stress enough the importance of being able to answer these questions as the leader of any operational team (cybersecurity, technology, or otherwise).

Twitter Facebook LinkedIn

Multicloud, and multiSIEM

September 10, 2024

tl;dr

Breaches are more like plane crashes than car crashes

September 9, 2024

August 29, 2024

A simple framework for talking to leadership about a cybersecurity program, particularly for an inbound security leader looking to level-set:

SaaS attack technique matrix Permalink

August 25, 2024

Inspired by MITRE ATT&CK, the good folks at Push Security have taken a pass at enumerating attack techniques specific to Software-as-a-Service (SaaS) applications.

by Keith McCammon

You May Also Enjoy

Multicloud, and multiSIEM

Breaches are more like plane crashes than car crashes

SaaS attack technique matrix Permalink