Threat Detection Bad Trips: Log Everything!

Alright, this is a public service for SIEM engineers. How many times have you heard that answer when someone asks "What should be logged?", and how hard is it today to predict the outcome of over-logging?

Disclaimer: all opinions here are applicable to enterprise, corporate environments only. That's where most of my experience comes from. It doesn't apply to SMBs or military environments, for instance.

Know your recipes


Blueteamer. Love logz. Threat Detection Engineering & Security Analytics. Independent contractor. Opstune.com #followback

Alex Teixeira
