#72 - Logging In with SIEMs (with Anton Chuvakin)

On this episode of CISO Tradecraft, Anton Chuvakin talks about Logging, Security Information & Event Management (SIEM) tooling, and Cloud Security.  Anton share’s fantastic points of view on: How moving to the cloud is like moving to a space station (13:44) How you may be one IAM mistake away from a breach (20:05) How a SIEM is a logging based approach, whereas EDRs require agents at endpoints.  This becomes really interesting when cloud solutions don’t have an endpoint to install an agent (26:53) Why you don’t want an on premises SIEM (32:35) The 3 AM Test - Should you wake someone up for this alert at 3 AM (39:24)

Om Podcasten

Welcome to CISO Tradecraft®, your guide to mastering the art of being a top-tier Chief Information Security Officer (CISO). Our podcast empowers you to elevate your information security skills to an executive level. Join us on this journey through the domains of effective CISO leadership. © Copyright 2025, National Security Corporation. All Rights Reserved